Okc Aceds Edex App

yz{|}ÿ}
0123456ÿ899
2 241ÿ345ÿ89954
ÿ43ÿ41 2121ÿ
ÿ 241ÿ
ÿÿ !ÿ"!ÿ#$ÿÿ
%!ÿ"!ÿ#ÿ#ÿ&!'ÿ
Oklahoma
Qÿ""&\ÿ&\]ÿ#&%ÿ ()ÿ*+ÿ,)-./+0+1ÿ*2ÿ03+ÿ4567ÿ8090+ÿ:+;</90):2ÿ9;+=,2ÿ9=1ÿ
ÿA^47ÿ :+0<:=+1ÿ0)ÿ9../>,9=0?ÿÿÿÿ
CLE Companion 5)<:@+ÿA<-*+:BÿCCCCCCCCÿ D90+BÿCCCCCCCCCCÿ
(3+ÿE)//)F>=;ÿ9,0>)=ÿ39@ÿ*++=ÿ09G+=ÿ)=ÿ03>@ÿ9../>,90>)=Bÿ
ÿ^DD[788ÿ ÿ &H!'ÿE):ÿ9ÿ0)09/ÿ)EÿÿCCCCCCCCCCÿ567ÿ,:+1>0@ÿ
8([77( PO Box 160411 I=,/<1>=;ÿ CCCCCCCCCCÿ703>,@ÿ5:+1>0@ÿ
J03+:ÿ5:+1>0ÿK:+9G1)F=BÿCCCCCCCCCCCÿ
ÿ5I(_ÿ Austin 8(^(7ÿ TX ÌPÿ L>Eÿ9../>,9*/+Mÿ
78716
ÿ(767PaJA7ÿ b^cÿ 74Î6ÿ ÿ ÿ&H!'ÿ
L8++ÿ,)--+=0@ÿ*+/)Fÿ):ÿ911>0>)=9/ÿ>=E):-90>)=ÿ9009,3+1?Mÿ
kristin@clecompanion.com
ÿ &!N&!'ÿE):ÿ03+ÿ:+O<+@0ÿ)Eÿ911>0>)=9/ÿ>=E):-90>)=?ÿ
Rÿ!ÿ#ÿ!'NÿHdÿ P/+9@+ÿ,)-./+0+ÿ+9,3ÿ>0+-ÿ)=ÿ03+ÿE):-ÿ9@ÿ>=1>,90+1ÿ*2ÿ03+ÿ
ACEDS e-Discovery Executive Certificate Program
=<-*+:@ÿ,>:,/+1ÿ*+/)F?ÿ
QÿÿÿRÿÿÿSÿÿÿTÿÿÿUÿÿÿVÿÿÿWÿÿÿXÿÿÿYÿÿÿQZÿÿÿQQÿÿÿQRÿÿÿQSÿÿÿQTÿÿQUÿÿÿQVÿ
Sÿ'!e"f e"f ÿ !&ÿÿÿ
[+;</90):ÿ5)--+=0@Bÿÿ
1/4/2021 On Demand Program
Tÿ&!\"&ÿ#!!$ÿÿ$0-$699
Uÿg&\ÿ"N&#!ÿHh!Bÿiÿÿ_+@ÿ iÿÿA)ÿ
Vÿ%! '"ÿ#ÿ&!"!Bÿ
iÿÿb9,</02ÿ>=ÿ[))-ÿF>03ÿP9:0>,>.9=0@ÿ iÿÿ(+/+.3)=+ÿ0)ÿK:)91,9@0ÿ8>0+ÿ iÿÿ6>j+ÿk+*ÿ59@0ÿ
iÿÿI=0+:9,0>j+ÿl>1+)ÿÿ iÿÿ890+//>0+ÿÿ iÿÿJ03+:Bÿ
iÿÿ^<1>)ÿP:+@+=090>)=ÿ iÿÿl>1+)09.+ÿP:+@+=090>)=ÿ
iÿÿI=0+:=+0ÿJ=mD+-9=1ÿLI=0+:9,0>j+Mÿÿ iÿÿD>@,<@@>)=ÿ6+91+:ÿ.:+@+=0ÿ
Wÿ d!ÿ#ÿgÿ'!e"f$ÿÿ(Available for review: https://www.clereg.org/resources/law-classifications )
Q?ÿediscovery ^11>0>)=9/ÿ5)1+@ÿJ.0>)=9/BÿÿRÿethics S?ÿtechnology T?ÿtrial
'!\&!!ÿ#ÿ'##NdBÿÿiÿÿK+;>==+:ÿ iÿÿI=0+:-+1>90+ÿ iÿÿ^1j9=,+1ÿ iÿÿ^//ÿ6+j+/@ÿ
Xÿ 'H!&"!'ÿBÿÿ iÿÿ69F2+:@ÿ iÿÿ5/>+=0@ÿ iÿÿJ03+:@ÿL8.+,>E2nI=1>,90+ÿoMÿ
Yÿ "ÿdÿ'%""ÿ&!"&"Bÿ
QZÿ p N"!ÿHdÿ#&%ÿL8++ÿ6),9/ÿ[</+@ÿE):ÿ^../>,9*>/>02Mÿ
J.+=nP<*/>,>q+1ÿ0)ÿJ<0@>1+ÿ69F2+:@ÿ iÿÿ_+@ÿ iÿA)ÿÿÿ
J<0@>1+:@ÿ9:+ÿC100
CCCCCCÿoÿ)Eÿb9,</02ÿrÿ5/>+=0@ÿ9:+ÿCCC0CCCCCÿoÿ)Eÿ9<1>+=,+ÿÿ
IEÿ=)0ÿ).+=sÿ./+9@+ÿ@.+,>E2ÿ:+9@)=Bÿ
QQÿ %! 'ÿ#ÿ!HNBÿiÿÿP9:0>,>.9=0ÿ5:>0>O<+ÿÿ iÿÿI=1+.+=1+=0ÿ7j9/<90):ÿÿ iÿÿA)=+ÿiÿÿJ03+:Bÿ
QRÿ %!&"ÿ'!"&ÿ
()09/ÿP9;+@BÿÿÿÿÿCCC122
CCCCCÿ iÿÿ6))@+ÿ/+9Eÿ iÿÿK)<=1ÿÿ iÿÿA)ÿ-90+:>9/@ÿ@<../>+1ÿ
D>@0:>*<0+1B iÿÿK+E):+ÿP:);:9-ÿ iÿÿ^0ÿP:);:9-ÿ iÿÿJ03+:Bÿÿ
QSÿ &!tN&!'ÿ %!"ÿÿ "ÿ$ÿÿ ÿÿ#&%ÿÿÿL./+9@+ÿ.:>=0Mÿ
9?(>-+ÿ8,3+1</+n^;+=19ÿLK:),3<:+sÿJ<0/>=+sÿD+@,:>.0>)=M 8.)=@):ÿ[+.:+@+=090>j+ÿÿ
*?(9*/+ÿ)Eÿ5)=0+=0@ A9-+BÿKristin Davidson
,?b9,</02ÿD+@,:>.0>)=
1?5)-./+0+ÿ8+0ÿ)Eÿ490+:>9/@ÿ9=1ÿb++@ÿLJ=/2ÿ>=ÿ@090+@ÿF3+:+ÿ:+O<>:+1M (>0/+Bÿÿ CEO
+?8.)=@):ÿ9../>,90>)=ÿE++ÿmÿuUZÿ.+:ÿ.:);:9-?
E?^00):=+2n^00+=1++ÿ9../>,90>)=ÿE++ÿmÿuQUÿ.+:ÿ.:);:9-
QTÿ &!'"ÿ&!tN!"!'Bÿÿ 5)-./+0+ÿ03+ÿE)//)F>=;ÿ>EÿE>/+1ÿ*2ÿ>=1>j>1<9/ÿ900):=+2Bÿ
I=1>,90+ÿ->=<0+@ÿ)Eÿ>=@0:<,0>)=ÿ=)0ÿ>=,/<1>=;ÿ*:+9G@sÿ-+9/@ÿ):ÿ>=0:)1<,0>)=@Bÿ ^00):=+2ÿA9-+Bÿÿ
w+=+:9/n8<*@09=0>j+B C734
CCCCC ^00):=+2ÿK9:ÿA<-*+:Bÿ
703>,@B C122
CCCCC ^11:+@@Bÿ
8<*@09=,+ÿ^*<@+Bÿÿ CCCCCCÿ
J03+:B CCCCCC
()09/B C856
CCCCC 5>02B 8090+Bÿ `>.B
QUÿ&!'ÿhdÿ !&ÿ"!"Bÿÿ 5)=09,0ÿA<-*+:Bÿ
ÿw[Â(7DBTX, GA, 7-9>/Bÿ
D7AI7DBÿ None
QVÿ"Nh%!'ÿhdBÿ iÿÿ5)<:@+ÿ8.)=@):ÿ iÿÿI=1>j>1<9/ÿ69F2+:ÿ 8IwAÿ
a7[7ÿ ÿÿÿÿD90+Bÿÿ02/12/21
P/+9@+ÿ5)-./+0+ÿ9=1ÿ@>;=ÿ^../>,9=0ÿI=E):-90>)=ÿxÿ
ÿ
12345164ÿ748ÿ4991
41 ÿ
64 418ÿ
1 ÿ343ÿ
41 ÿ886 9ÿ
ÿ
43
41 ÿ9ÿ
ÿ
ÿ!ÿ"##ÿ$ÿ%&'ÿ#ÿ()ÿ
ÿ
*!!#+,*!!#-##ÿ!ÿ"##ÿ$ÿ%.&ÿ#ÿ()ÿ
ÿ
ÿ
/ÿ 0-1!ÿ!2#ÿ()ÿ13!!+ÿÿ-4#!#-5ÿ136#!ÿ!ÿ#)#(#+ÿ13!!1!ÿ-ÿ7!2-7/ÿ
ÿ
3/ÿ 8!31!#ÿ!21(25ÿ2(2ÿ91!+5ÿ#-3#ÿ-ÿ#"1+ÿ##-ÿ7!!#ÿ)!#ÿ!ÿ!!/ÿ
ÿ
/ÿ 0-1!ÿ!2#ÿ()ÿÿÿ)"!3#ÿ2+ÿ#!!(5ÿ#91#-ÿ7!2ÿ1!3#ÿ7!(ÿ1"#/ÿ
ÿ
-/ÿ :2#ÿ()ÿ)1!ÿ-#ÿ7!2ÿ)!!#ÿ#!#-ÿ!ÿ!2#ÿ!#ÿ"ÿ75ÿ"#ÿ#3!+ÿÿ#!2ÿ
3(!ÿ"ÿ!!#+/ÿÿ;!2ÿ#()#!ÿ)1!ÿ3#ÿ#+ÿ-#(!#-ÿÿ!2#ÿ(#-ÿ3#"#ÿ#-!ÿÿ3#ÿ
(4#/ÿ
ÿ
#/ÿ 0-1!ÿÿ($ÿ"ÿ!!#-##ÿ!ÿ!2#ÿ3#((ÿ"ÿ!2#ÿ)(ÿ#ÿ"ÿ#)ÿ2#-ÿ1!$"$!!#/ÿÿ*ÿ
--!ÿ($ÿ3#"#ÿ!2#ÿ"!#ÿ-ÿ#4#(ÿ#ÿÿ#91#-ÿ"ÿÿ$!!#ÿ#)/ÿ
ÿ
"/ÿ *ÿ!ÿ"ÿ<=2)ÿ>ÿ*!ÿ)#)3#ÿ!!#-##ÿ)1!ÿ3#ÿ#!ÿ!ÿ!2#ÿ<?ÿ@0A;ÿ""#ÿ7!2ÿB'ÿ-+ÿ
"!#ÿ!2#ÿ()ÿ1(ÿ!2#ÿ#91#-ÿ##!ÿ")!/ÿÿ*ÿ+ÿ"ÿ!2#ÿ!!#-#ÿ!ÿ21-ÿÿ3#ÿ#!#-ÿ
3+ÿ!2#ÿÿ"ÿ!7ÿ+#/ÿÿ*--!ÿ!1!ÿ"ÿ!!#-#ÿ#!(ÿ7ÿ3#ÿ4-#-ÿ72#ÿ!2#ÿ1#ÿ
ÿ4#-/ÿ
ÿ
5ÿ81846ÿ91 918ÿ4
2 1C39ÿ54ÿ438ÿ1ÿ458ÿ1ÿ59ÿ486 ÿ9ÿ
81 9ÿ18ÿ9481D43ÿ1ÿ5ÿ4
DEÿ
ÿ
ÿ
3 9ÿ18ÿ
43
34 ÿ
8ÿ
ÿ
./ÿ *ÿ!1!ÿ21ÿ7ÿÿÿ#4#!ÿ!ÿ!ÿ#!ÿ""!+ÿF&'Gÿ)1!#/ÿ
ÿ
H/ÿ :2#ÿ"7(ÿ)+ÿ!ÿ3#ÿ1!#-ÿ"ÿ#-!Iÿ
/ÿ ""##ÿ3#=ÿ
3/ÿ #(ÿÿ(ÿ#)=ÿ
/ÿ )#ÿ3#=ÿ
-/ÿ 31#ÿ)##!(ÿ
ÿ
B/ÿ :2#ÿ21ÿ"ÿ#-!ÿ)##+ÿ#"#!ÿÿ)J)1)ÿ!2!ÿ)+ÿ3#ÿ##-ÿ!21(2ÿ!!#-#/ÿÿ<+ÿ!1ÿ!!#-#ÿ
3+ÿ!2#ÿ!!#+ÿ#ÿ#-!/ÿ
ÿ
K/ÿ A#(ÿ#!2ÿ)1!ÿ3#ÿ#+ÿ-#!"#-ÿÿ!2#ÿ()ÿ(#-ÿ"ÿÿ#"ÿ#-ÿ"ÿ!)#/ÿ
ÿ
ÿ
163ÿ1869ÿ4 ÿ 843ÿ

18891
ÿ9513ÿ7ÿ8
ÿ1Lÿ
@0A;ÿ0))5ÿ<=2)ÿ>ÿ*!5ÿM/</ÿ>Jÿ&B'BN5ÿ<=2)ÿ0!+5ÿ<?ÿÿOB.&H/ÿ
ÿ
P1#!QÿK'&,K.N$O''Rÿÿ) #S=3/(ÿ
ÿ
>#4#+ÿM#!+ÿA#7ÿTÿ@0A;ÿ*-)!!ÿ
U2+ÿV+-ÿTÿ*!!ÿ@0A;ÿ*-)!!ÿ
Uÿ:2)ÿTÿ@0A;ÿW##!!,*!!ÿ
ÿ
Program Title: ACEDS e-Discovery Executive Certificate Program
Presented by: Michael Quartararo
Date of CLE Presentation: On Demand Program Recorded 1/4/2021
Time of CLE Presentation: 856 Minutes Total Instruction Time
Specializations:
- 122 Minutes Ethics
- 65 Minutes Technology
- 60 Minutes Trial Skills/ Litigation
Program Description:
Many legal and technical professionals lack a baseline understanding to successfully preserve,
collect, and review electronic data. The ACEDS eDiscovery Executive Certificate (eDEx) training
program builds expertise and professional knowledge of the entire e-discovery process at all
levels. This program explores the full e-discovery lifecycle, including topics related to e-
discovery best practices, project management, budgeting, analytics, international discovery, the
use of machine learning, e-discovery ethics and trial technology. The program concludes with
an online, knowledge-based exam as a final gauge of understanding.
Presenters Biography and Accolades:

Mike Quartararo is the President of the Association of Certified E-Discovery Specialists (ACEDS),
which provides training and certification in e-discovery to the legal community. He is the author
of the 2016 book Project Management in Electronic Discovery and has been successfully
consulting in information governance, e-discovery, project management and legal technology
for two decades, including 10-year stints at both Skadden Arps and Stroock. He is a certified
Project Management Professional and a Certified E-Discovery Specialist. He frequently writes
and speaks on e-discovery, legal operations, project management and technology topics.
Presenters Education and Qualifications:
CLE Compliance Information:

Downloadable supplemental materials are available to all attendees. Materials include course
outline, course application for self-accreditation, presenter bio and any additional course
material deemed necessary by the presenter.
This course is offered at www.aceds.org and is advertised through various online means such as
Email and Social Media.
This is a self-paced certification program. The total time of 856 minutes is actual instruction time.
Attendees are required to view all instruction time before moving forward to the next module.
The course concludes with a comprehensive knowledge-based exam as well as a course
evaluation. CLE Certificates are generated upon completion of all modules, final exam and course
evaluation. CLE Companion maintains all attendance and evaluation records for of 4 years
following the course.
This program does not include a formal question and answer session; however, the attendees
are encouraged to contact the presenter or another ACEDS representative with any questions.
ACEDS has agreed to answer any reasonable requests for additional information.
Provider Information:
Course Provided by: CLE Companion, LLC
Contact Person: Kristin Davidson, CEO
Toll-Free: 1-877-670-2520
Mobile: 512-677-4443
Email: Kristin@clecompanion.com; cle@clecompanion.com
eDISCOVERY EXECUTIVE
CERTIFICATE PROGRAM
Many legal and technical professionals lack a baseline understanding to successfully preserve, collect, and review
electronic data. Paralegals, sales and marketing professionals, administrative personnel and third-party vendors, may
need a complete foundation to support on-boarding as well as service to attorneys and their clients. The ACEDS
eDiscovery Executive Certificate (eDEx) training program builds expertise and professional knowledge of the entire
e-discovery process at all levels.
FOUNDATIONAL EDISCOVERY TRAINING

Online On-Demand Self-Paced
INTERACTIVE ONLINE TRAINING: This self-paced introductory e-discovery essentials course is relevant for those
entering the field as well as those wanting to broaden their knowledge. Receive 12+ hours of essential training and up to 12
continuing legal education (CLE) credits in some states.
LECTURE SERIES: Explore the full e-discovery lifecycle, including topics related to e-discovery best practices, project
management, budgeting, and analytics. More advanced topics include international discovery, the use of machine learning,
e-discovery ethics and trial technology.
KNOWLEDGE ASSESSMENT: The program concludes with an online, knowledge-based exam as a final gauge of
understanding. No degree is required prior to eDEx training.
CERTIFICATE AND DIGITAL BADGE: Upon successful completion of the program and online exam, receive an eDEx
certificate and digital badge to share and display your competency.
“ This certification helped me to broaden my knowledge of eDiscovery, especially on how

to avoid ethical lapses and considerations during international eDiscovery. My takeaways
were importance of ethics, data privacy, budgeting and a brilliant lecture series.
”
— Pavan Kotha, eDiscovery Manager, United Arab Emirates
GAIN VALUABLE AND FOUNDATIONAL E-DISCOVERY UNDERSTANDING

PLUS A DIGITAL BADGE TO DISPLAY YOUR KNOWLEDGE
VISIT ACEDS.ORG OR CALL 844-992-2337 TO LEARN MORE
A B A R B R I P R O F E S S I O N A L A S S O C I AT I O N
98-19 | 3/9/2020
ACEDS
Total Course Duration: minutes (including minutes on Ethics)
MODULE 1 – INTRODUCTION TO E-DISCOVERY. Duration: 40 min.

Overview of the E-Discovery Process
The Federal Rules of Civil Procedure (FRCP)
The Electronic Discovery Reference Model
MODULE 2 – BUDGETING CONSIDERATIONS. Duration: 30 min.

Measuring Volume of Data
Communication with Third-Party Vendors
Determine E-Discovery Project Scope
Identify and Control Cost Drivers
MODULE 3 – PROJECT PLANNING. Duration: 25 min.

Building the E-Discovery Team
The E-Discovery Documentation Folder
Implementation of Record Management Policies
Application of Data Maps
MODULE 4 – INFORMATION MANAGEMENT AND LITIGATION READINESS. Duration: 30 min.

Information Management
Litigation Holds, Protocols And Readiness Plan
Departing Employees
MODULE 5 – LITIGATION HOLD IMPLEMENTATION. Duration: 30 min.

Implementation of Litigation Hold
ESI
Business Considerations
Sanctions
MODULE 6 – . Duration: 35 min.

Managing Non-Party Relationships
Electronic Discovery Reference Model
Budget Considerations
Evaluation of Client Risk Tolerance
MODULE 7 – LEGAL FRAMEWORK AND OBLIGATION. Duration: 30 min.

Protecting Attorney-Client Privilege
"Meet and Confer" Duty Rule
Obligations and Tracking
Record-Keeping Duties
MODULE 8 – COLLECTION PLANNING AND IMPLEMENTATION. Duration: 35 min.

ESI Collection Process
Validating Collected ESI
Shared Network Resources
Data in the Cloud and Storage Options
MODULE 9 – DATA PROCESSING. Duration: 30 min.
Data Review Risks and Benefits
Search Terms
Data Culling Vs. Data Processing
Sunsetting Processed Data
MODULE 1 – DATA CULLING. Duration: 30 min.

Data Culling
Validating the Data
Data De-Duplication
De-NISTing
MODULE 1 – TECHNOLOGY ISSUES. Duration: 35 min.

Data Storage Solutions
Data Collection Methods
Document Retention Policies
Understanding Shared Network Resources
MODULE 1 – REVIEW PLANNING. Duration: 30 min.

Team Member Selection and Training
Quality Control and Validation Processes
Production and Privilege Issues
MODULE 1 – DOCUMENT REVIEW. Duration: 45 min.

Understanding Document Review
Data Sets
Data Culling Methods
Privilege Logs
MODULE 1 – . Duration: 30 min.

Technology-Assisted Review
Elements of Predictive Coding
Developing A Defensible Strategy
Developing Data Samples
MODULE 15 – DATA PRODUCTION. Duration: 35 min.

Data Production
Data Production Formats
Metadata
Tracking the Native Production Of ESI
MODULE 16 – INTERNATIONAL DISCOVERY. Duration: 50 min.

US and European Standards
The Hague Convention
Privacy Protection Laws
Blocking Statues
MODULE 17 – ETHICS IN E-DISCOVERY. Duration: 60 min.

Ethical Standards
Sanctions
Ethical Obligations
Data Mining
ACEDS University: E-Discovery Essentials
Module 1: Introduction
Slide 1: Introduction
1.1.1 Hi, my name is Amy and I will be your instructor for the ACEDS University: E-Discovery Essentials course.
1.1.2 This is Module 1. This Module will include both an overview of what to expect while you progress through the course as
well as provide a basic introduction to e-discovery.
1.1.3 Let’s get started. Click the NEXT button at the lower right to continue.
Slide 2: Overview and Expectations
1.2.1 Click on each button to gain a better understanding of the overview and the expectations of the E-Discovery Course.
Button Interaction
Purpose (Button)
This is an introductory course for persons entering the e-discovery field and for professionals who want to broaden their
knowledge of the e-discovery process. This course covers the entire e-discovery process from information governance to
the presentation of electronically stored information.
Considerations (Button)
There are many types of professionals involved with the e-discovery process, such as paralegals, lawyers, judges, litigation
support staff, and vendors. Throughout the course, there will be information that you may think does not apply to you.
However, it is important to be able to see e-discovery from all angles in order to obtain the best possible outcome for
whatever scenario you encounter.
Goals (Button)
To obtain a basic understanding of terms, concepts, and scenarios that arise in e-discovery issues and to apply this basic
understanding to your professional repertoire.
Slide 3: Module 1: Learning objectives
1.3.1 You are about to learn the essential terms, facts, and history behind one of the most dynamic and complex areas of law-
discovery of electronically stored information, or e-discovery.
You will learn about:
The Federal Rules of Civil Procedure (FRCP) that govern the procedure for civil lawsuits in United States federal
courts
The Rule 26(f) Conference, also known as the “meet and confer” process
The rules for when sanctions may be imposed on parties for discovery failures
Taking depositions by oral examination, signing pleadings, motions, and other papers, as well as collecting
information from non-parties
The Electronic Discovery Reference Model, or EDRM, a roadmap for navigating the discovery process.
Slide 4: Module 1: Basic terms and Common e-discovery Phrases
1.4.1 Before we start, let’s review some basic terms.
1.4.2 At the federal level, the Federal Rules of Civil Procedure (FRCP) govern the procedure for civil lawsuits in United States
district courts. At the state level, each state has their own set of statutes and rules that govern the procedure for civil
lawsuits in state court. Throughout the training, we mainly refer to the FRCP.
1.4.3 Discovery is the pre-trial phase in a lawsuit in which each party, through the law of civil procedure, can obtain evidence
from the opposing party. By extension, e-discovery is discovery of electronically stored information.
1.4.4 Electronically stored information (ESI) is information created, manipulated, communicated, stored, and best utilized in
digital form, requiring the use of computer hardware and software. This includes any data stored on individual computers,
servers, memory cards, smartphones, tablets, computer networks, the Internet, and any other electronic format or
platform.
1.4.5 Information that is relevant to a claim or defense of a lawsuit is deemed “potentially relevant information.”
1.4.6 A legal hold, also referred to as a litigation hold, is a process used by a person or entity to preserve all forms of potentially
relevant information when litigation is reasonably anticipated. While the concept is mentioned in this module, it will be
covered in detail in a later module.
1.4.7 A producing party is a party that is responsible for turning over the portion of ESI which is deemed to be relevant for a case
or other legal inquiry. The producing party can be a plaintiff, defendant, or third party.
1.4.8 A non-party is a person or entity that is not named as a party to a lawsuit.
1.4.9 The e-discovery specialist is responsible for presenting data to his/her clients in the most complete, understandable, and
readable format possible.
1.4.10 You should now understand the following terms: FRCP, Discovery, ESI, Potentially relevant information, Legal Hold,
producing party, non-party and e-discovery specialist.
1.4.11 If you need to review these terms, click on ‘Glossary’
Slide 5: What is e-discovery
1.5.1 Electronic discovery is the exchange of information from computers, smartphones, portable devices, or any electronic
source in litigation. It is usually shortened to e-discovery or eDiscovery.
1.5.2 In civil litigation, discovery entails identifying, capturing, processing, reviewing, and presenting electronically stored
information (ESI) to exchange with the requesting party for potential use in court.
1.5.3 In 2006, the Federal Rules of Civil Procedure were updated to include guidance on handling ESI in litigation. Most state
courts have adopted these rules in whole or in slightly modified versions.
1.5.4 These updated rules have made it explicit that any electronic records are potentially discoverable for litigation, and have
been interpreted to include new and emerging sources of digital records, including social media, database records, and
records and applications stored in the cloud.
Slide 6: Amendments to the FRCP
1.6.1 In December 2006, significant amendments to the FRCP shaped the landscape for how e-discovery works today.
1.6.2 Among other changes, the 2006 amendments redefine discoverable material; encourage early attention to issues relating
to e-discovery; discuss the concept of “reasonably accessible”; provide a procedure for asserting claims of privilege and
work product after production; and provide a mechanism for “safe harbor” limits on sanctions related to loss of ESI as a
result of routine operation of computer systems.
1.6.3 Arguably, the most important 2006 amendment was simply to include electronically stored information on the list of
information that is discoverable throughout the discovery process.
1.6.4 Specifically, FRCP Rule 34 dictates disclosure and discovery related to “producing documents, electronically stored
information, and tangible things or entering onto land, for inspection and other purposes.”
1.6.5 The phrase “electronically stored information” is broad enough to cover all current types of computer-based information
and intended to be flexible enough to encompass future changes and technological developments.
Slide 7: FRCP Rule 26(a)(1)(A): Initial disclosure
1.7.1 Litigants are required to make certain initial disclosures in all cases without a formal request.
1.7.2 Click on each button to learn more.
Button Interaction
Include in each button layer
Heading: INITIAL DISCLOSURE REQUIREMENTS UNDER FRCP RULE 26 (a)(1)(A)
Introduction: According to FRCP Rule 26(a)(1)(A), except as exempted by Rule 26(a)(1)(B) or as otherwise stipulated or
ordered by the court, a party must, without awaiting a discovery request, provide to the other parties:
(i)(Button)
The name and, if known, the address and telephone number of each individual likely to have discoverable information -
along with the subjects of that information - that the disclosing party may use to support its claims or defenses, unless the
use would be solely for impeachment;
(ii)(Button)
A copy - or a description by category and location - of all documents, electronically stored information, and tangible things
that the disclosing party has in its possession, custody, or control and may use to support its claims or defenses, unless the
use would be solely for impeachment;
(iii)(Button)
A computation of each category of damages claimed by the disclosing party - who must also make available for inspection
and copying as under FRCP Rule 34 the documents or other evidentiary material, unless privileged or protected from
disclosure, on which each computation is based, including materials bearing on the nature and extent of injuries suffered;
and
(iv)(Button)
For inspection and copying as under FRCP Rule 34, any insurance agreement under which an insurance business may be
liable to satisfy all or part of a possible judgment in the action or to indemnify or reimburse for payments made to satisfy
the judgment.
Slide 8: FRCP Rule 26(f): Conference of the parties; Planning for discovery (“meet and confer”)
1.8.1 Rule 26(f) added an important new requirement to pre-trial discovery- the meet and confer. Under this rule, except in a
proceeding exempted from initial disclosure under Rule FRCP 26(a)(1)(B) or when the court orders otherwise, the parties
must confer as soon as practical- or at least 21 days before a scheduling conference is to be held or a scheduling order is
due under Rule FRCP 16(b).
1.8.2 In conferring, the parties must consider the nature and basis of their claims and defenses and the possibilities for promptly
settling or resolving the case; make or arrange for the disclosures required by FRCP Rule 26(a)(1); discuss any issues about
preserving discoverable information; and develop a proposed discovery plan.
1.8.3 The attorneys of record and all unrepresented parties that have appeared in the case are jointly responsible for arranging
the conference, for attending in good faith to agree on the proposed discovery plan, and for submitting to the court within
14 days after the conference a written report outlining the plan.
1.8.4 The court may order the parties or attorneys to attend the conference in person.
1.8.5 Click on discovery plan to learn what it must state for the parties views and proposals.
Single Layer
What changes should be made in timing, form, or requirement for disclosures under FRCP Rule 26(a), including a
statement of when initial disclosures were made or will be made;
The subjects on which discovery may be needed, when discovery should be completed, and whether discovery should
be conducted in phases or be limited to or focused on particular issues;
Any issues about disclosure or discovery of electronically stored information, including the form or forms in which it
should be produced;
Any issues about claims of privilege or of protection for trial-preparation materials, including - if the parties agree on a
procedure to assert these claims after production - whether to ask the court to include their agreement in an order;
What changes should be made in the limitations on discovery imposed under these rules or by local rule, and what
other limitations should be imposed; and
Any other orders that the court should issue under FRCP Rule 26(c) or under FRCP Rule 16(b) and (c).
Slide 9: Non-Party Information
1.9.1 FRCP Rule 34(a)(1) states “a party may serve on any other party a request within the scope of Rule 26(b) to produce and
permit the requesting party or its representative to inspect, copy, test, or sample the following items in the responding
party’s possession, custody, or control.”
1.9.2 Information held by a non-party can still be considered to be within a party’s possession, custody, or control.
1.9.3 All cases differ in their facts, however, courts are generally likely to shift the costs of burdensome e-discovery requests from
non-parties to the parties in litigation.
Button Interaction
NON-PARTY INVOLVEMENT (Button)
There are two basic variations of the relationship between the producing party and a non-party:
1. When the ESI belongs to or directly involves the producing party but is held by a non-party, it is referred to as non-
party hosted information.
2. When the ESI belongs and relates solely to the non-party, but is nevertheless potentially relevant to the matter, it is
referred to as non-party information.
RESPONSIBILITY TO PRESERVE ESI (Button)
A written agreement between the party and nonparty should include terms addressing the rights and obligations
in the event of litigation and discovery.
When a legal hold takes effect or a party receives a request for production, the non-party must be notified of:
The producing party's legal duty to preserve ESI.
That the duty to preserve extends to ESI held by the non-party in control of the producing party.
The steps the non-party should take to preserve the potentially relevant ESI in its possession.
REQUESTING DATA FROM NON-PARTY RESPONDENTS (Button)
An FRCP Rule 45 subpoena serves as a court order to a non-party which can be written by an attorney.
FRCP Rule 45 application: Under Rule 45, non-parties can be served with a subpoena, which has the authority of a
court order.
Legal hold obligation: Rule 45 subpoenas obligate the recipient to assess the status of the ESI covered by the
subpoena and to consider instituting a legal hold.
Possible objections: Sufficiency of the subpoena, means of service, scope of the requested production
ESI DELIVERY (Button)
It is within generally accepted practice for a non-party to turn over its ESI in a relatively "raw" state to the
producing party.
The producing party may need to process, review, and produce the ESI at its own expense in a form that is
reasonable for the requesting party.
Slide 10: FRCP Rule 30: e-discovery depositions by oral examination
1.10.1 FRCP Rule 30 addresses the taking of a deposition from a corporate entity.
1.10.2 FRCP Rule 30(b)(6) is the specific rule that covers serving a subpoena on a corporation.
1.10.2 Notice or subpoena directed to an organization
In its notice or subpoena, a party may name as the deponent a public or private corporation, a partnership, an
association, a governmental agency, or other entity, and must describe with reasonable particularity the matters for
examination.
The named organization must designate one or more officers, directors, or managing agents, or designate other
persons who consent to testify on its behalf; and it may set out the matters on which each person designated will
testify.
A subpoena must advise a nonparty organization of its duty to make this designation.
The persons designated must testify about information known or reasonably available to the organization.
Slide 11: FRCP Rule 26(b)(2)(C): Cost-sharing or cost-shifting
1.11.1 Cost-sharing and cost-shifting are implicit in FRCP Rule 26(b)(2)(B), under which “the court may specify certain conditions
for the discovery” of ESI from not reasonably accessible sources. Many judges rely on the proportionality rule to require
cost-shifting or cost-sharing in lieu of “limiting the frequency or extent” of discovery. Others limit cost-sharing or cost-
shifting to production of ESI from not reasonably accessible sources. The party seeking cost-sharing or cost-shifting bears
the burden of overcoming the presumption that each party bears its own litigation costs.
1.11.2 Next, we will cover the different types of cost sharing models for ESI.
Button Interaction
To Each Its Own (Button)
Each party pays for its own production. However, a court may limit the scope of discovery or order a requesting party to
pay the costs of producing the requested ESI.
Cost Limiting (Button)
The court may limit discovery or shift the cost of production when the request to produce is too broad or the ESI can be
more easily obtained from another source.
Cost Vs. Benefits (Button)
The court may also limit discovery or shift the cost when burden or expense of the proposed discovery outweighs the
potential benefit. This is also known as the proportionality rule.
Slide 12: FRCP Rule 11: Signing pleadings, motions, and other papers; Representations to the court; Sanctions
1.12.1 FRCP Rule 11 is the rule that requires attorneys to "certify" discovery requests and responses by signing them.
1.12.2 By signing a discovery request, the attorney takes personal responsibility for the matter certified.
1.12.3 By presenting to the court a pleading, written motion, or other paper - whether by signing, filing, submitting, or later
advocating it - an attorney or unrepresented party certifies that to the best of the person’s knowledge, information, and
belief, formed after an inquiry reasonable under the circumstances: (1) it is not being presented for any improper purpose,
such as to harass, cause unnecessary delay, or needlessly increase the cost of litigation; (2) the claims, defenses, and other
legal contentions are warranted by existing law or by a nonfrivolous argument for extending, modifying, or reversing
existing law or for establishing new law; (3) the factual contentions have evidentiary support or, if specifically so identified,
will likely have evidentiary support after a reasonable opportunity for further investigation or discovery; and (4) the denials
of factual contentions are warranted on the evidence or, if specifically so identified, are reasonably based on belief or lack
of information.
1.12.4 If, after notice and a reasonable opportunity to respond, the court determines that FRCP 11(b) has been violated, the court
may impose an appropriate sanction on any attorney, law firm, or party that violated the rule or is responsible for the
violation. Absent exceptional circumstances, a law firm must be held jointly responsible for a violation committed by its
partner, associate, or employee.
Slide 13: The Electronic Discovery Reference Model
1.13.1 In addition to the Federal Rules of Civil Procedure, every e-discovery practitioner needs to understand the Electronic
Discovery Reference Model. Unlike the Federal Rules of Civil Procedure, the EDRM is has no actual force of law behind it,
but is a guideline created to help standardize the practice of e-discovery. However, it is now a well-accepted and tested
model that has been widely accepted and embraced by lawyers, judges, and legal professionals.
1.13.2 The EDRM model is a series of steps. The steps may not always apply in every case and can often be performed in different
sequences. The model is continually being updated, expanded, and modified.
1.13.3 The first step is Identification, which refers to locating potential sources of ESI and determining the scope of potentially
discoverable information. This can be achieved through interviews or questioning of IT personnel, the custodians of
potentially discoverable information, or other investigations into the types of ESI involved in a matter.
1.13.4 Second, Preservation is the step ensuring that ESI is protected against inappropriate alteration or destruction. This is when
preservation letters and litigation hold demands must be implemented.
1.13.5 Next, Collection is the actual steps taken to gather and export ESI from the producing party to the requesting party, often in
the form of hard drives or other removable media.
1.13.6 For the purposes of e-discovery review, data will need Processing, the next phase of the EDRM model. Data must often be
extracted from container files or exported into new formats that are more suitable for review. Parties must specify the
formats in which they wish to review data. These specifications, known as the form of production, should be spelled out in
pre-trial meet and confer conferences.
1.13.7 Next, the EDRM suggests reducing the volume of ESI and converting it, if necessary, to forms more suitable for review and
analysis. This often includes automated data reduction techniques such as deNISTing, a federal standard for eliminating
system files and other information that is unlikely to produce relevant information.
1.13.8 The next two steps, Review and Analysis refer to the act of evaluating ESI for relevance and identifying privileged
information and then evaluating it for relevant content for a matter based on patterns, topics, people, and fact patterns.
1.13.9 Finally, Production and Presentation refers to delivering ESI to others in appropriate forms and, ultimately, presenting that
information in a legal context of trial.
Note that the EDRM is intended as a basis for discussion and analysis, not as a prescription for the one and only right way to
approach e-discovery.
Slide 14: Overview of the Litigation Process
1.14.1 Discovery is generally the longest and most complex phase of litigation, but is of course just one step in the litigation
process. To fully understand e-discovery, the EDRM, and the Federal Rules we have discussed, you must place them in the
context of the litigation process.
1.14.2 In a civil lawsuit, litigation begins with a complaint, and proceeds through these steps: pleadings, discovery, trial, and
possibly appeal.
Button Interaction
PLEADINGS (Button)
Litigation begins when a plaintiff files a complaint with the court and formally delivers a copy to the defendant. The
complaint describes what the defendant did or failed to do that caused harm to the plaintiff and the legal basis for holding
the defendant responsible for that harm. The defendant is given a specific amount of time to file an answer to the
complaint.
DISCOVERY (Button)
As mentioned, discovery is usually the longest part of the case. It begins soon after a lawsuit is filed and often does not stop
until shortly before trial. During discovery, the parties ask each other and third parties for information about the facts and
issues of the case.
PRE-TRIAL (Button)
Expert Witnesses are often called to testify on technical questions, such as links between the defendant's conduct and a
loss suffered by the plaintiff, or the existence and amount of the plaintiff's damages. Expert witnesses work closely with
each party’s legal representatives and provide a factual framework for any matter.
MOTION PRACTICE (Button)
Motions are made throughout a matter to seek clarification or resolution of procedural disputes between the parties. Some
motions, such as a motion for summary judgment, which asks the court to dismiss part or all of a plaintiff's case or a
defendant's defense, end a matter without trial. Other motions might ask the court to order a party to produce documents
or to exclude evidence from trial.
TRIAL (Button)
If a matter actually goes to trial, which is increasingly rare, parties and their legal representatives usually meet in a
courtroom in front of a judge and, in some cases, a jury. The actual trial is often the shortest phase of any litigation.
Documents and evidence found during the discovery phase are presented in court in support of testimony or lawyer’s
arguments. Often, only a handful of documents are ever presented in court from the countless documents that may have
been collected, analyzed and reviewed during discovery. Even after a verdict is rendered, a trial may continue on appeal or
the parties may be able to negotiate a settlement.
TRIAL ALTERNATIVES (Button)
Alternatively, many cases today go to arbitration or mediation. In mediation, the mediator's job is to assist the parties'
settlement efforts. Arbitration is an adversarial proceeding in which the parties select a neutral third party, or arbitrator, to
resolve their dispute. In these types of negotiations, parties are often allowed a limited or truncated discovery process.
Slide 15: Module 1 complete
1.15.1 By now you should have a basic understanding of terms, concepts, and events that every e-discovery professional should
understand. These include:
The Federal Rules of Civil Procedure (FRCP)

The 2006 amendments to the FRCP
Rule 34 on disclosure and discovery related to “documents, electronically stored information, and tangible things.”
The Rule 26(f) “meet and confer” conference
The Rule 26(b)(2)(B) cost-sharing and cost-shifting analysis
Rule 11 discovery certification
Sanctions and penalties for e-discovery failures
1.15.2 Congratulations! You completed Module 1 of this course. Take a short quiz below to test your recall of the subject covered.
Module 2: Discovery Costs and Budgeting Considerations
SLIDE 1: INTRODUCTION
2.1.1 Hi, it’s Amy. This is Module 2 and it covers budgeting in e-discovery.
2.1.2 Let’s get started. Click the NEXT button on the lower right to continue.
SLIDE 2: MODULE 2 LEARNING OBJECTIVES
2.2.1 In this Module, you will learn the essential skills and tactics necessary to control discovery costs. These include:
How to measure the volume of data

Dealing with third-party vendors
Determining how to scope an e-discovery project
The major drivers of cost are as well as the tactics to control those costs
SLIDE 3: BASIC TERMS
2.3.2 The budget is simply an estimate of all costs and expenses which are expected to be associated with an e-discovery project.
2.3.3 Cost Drivers are the various elements of an e-discovery project that have associated monetary cost and must be factored
into the budget. Typical high cost drivers are collection, review, and vendor costs. Cost drivers should be assessed on a
case-by-case basis and their impact on the case should be clearly documented.
2.3.4 Client Risk is a major determining factor in what the budget for an e-discovery project will be.
2.3.5 Although it is suggested that actual data and case facts are used to create a budget, all budgets inevitably have certain
assumptions factored into them. These assumptions can negatively affect the ultimate cost of a project if not accurately
predicted.
2.3.6 You should now understand the following terms: Budget, Cost Drivers, Client Risk and Assumptions.
SLIDE 4: COMMUNICATION
2.4.1 The level of open communication with all parties involved with the case will also impact e-discovery cost. All parties include:
your client, opposing counsel, vendors, etc.
2.4.2 If the relationship between counsels is stridently adversarial, with little opportunity to reach an agreement, e-discovery
project costs are likely to go higher.
2.4.3 Discovery and related motion practices will exponentially increase the costs of this phase of the case.
2.4.4 In order to keep costs down for both parties, clear and open communication is required. Ideally, the parties should be able
to agree on the following: Parties should discuss and reach agreement on the initial number of custodians. Agreements
should be explicitly left open for renegotiation after the initial round of production.
2.4.6 For example, parties may agree to a phased production based upon the results of previous rounds. Analysis of the data
from key custodians may provide for more targeted second rounds or avert the need for additional collections, review, and
production.
SLIDE 5: GENERAL BREAKDOWN OF DISCOVERY COSTS
2.5.1 Cost is generally the biggest concern in an e-discovery project.
2.5.2 Other than trial, discovery is the largest budget item.
2.5.3 In fact, discovery costs can add up to more than 50% of the entire cost of litigation. These costs are driven up by the volume
of the company’s electronic data, and also by the strategies that are implemented by in-house and outside legal counsel to
preserve, collect, review, and produce documents.
SLIDE 6: COST DRIVERS IN THE E-DISCOVERY BUDGET
2.6.1 The major drivers of cost are: number of custodians, type and location of data, volume of data handled and reviewed, scope
of discovery, and time allotted for discovery.
2.6.2 Click the buttons to learn more about the impacts to the budget based on the custodians and volume of data.
Button Interaction
NUMBER OF CUSTODIANS (Button)
It is essential to limit the total number of custodians whenever possible. But be careful when deciding whether or not to
remove a custodian - it is often better to over-collect at the beginning rather than to under-collect and realize partway through
review that you under-collected. If you choose to remove a custodian, document the reason why immediately in case you need
to justify your decision in the future.
Parties should reach agreement on the initial number of custodians. This agreement can be decided during the “Meet and
Confer.”
Keeping clear documentation about custodians is key when developing a budget - not just how many but specific information
related to each custodian -- including which devices they use and the types of data they create.
Developing questionnaires or traveling on-site to interview each custodian to document this information is ideal and suggested.
Custodian interviews at the time of collection might raise cost initially but also might save money in the long run.
VOLUME PER CUSTODIAN (Button)
The amount of "raw" data, or the data collected directly from the source, as opposed to the amount of data after processing.
An initial analysis of data from key custodians may provide for identification of additional custodians, collection of additional
data, specify second-round analysis or avert the need for additional discovery altogether.
The human review, which is the most time-consuming and expensive part of the entire e-discovery process, is primarily affected
by volume.
SLIDE 7: ESTIMATING COSTS BASED ON VOLUME
2.7.1 While measuring volume in megabytes and gigabytes is preferred, the practitioner needs to be aware that vendors assess
volume differently. In addition, vendors tend to vary how they charge when it comes to volume of data.
2.7.2 Native ESI has no pagination, and therefore references to pages are necessarily the result of conversion rate assumptions.
2.7.3 When making these assumptions it is important to remember that conversion rates vary widely depending on the type of
document involved.
2.7.4 For example, an e-mail and a PDF document of the same megabyte size will convert to a different number of pages.
2.7.5 Take caution with vendors that bid on projects based on page counts. If a vendor submits a bid based on pages, it is critical
to understand whether the vendor is making a fixed price bid or if the ultimate price will depend on the actual number of
pages reviewed.
2.7.6 If the price is dependent on the number of pages, the conversion rate used to make the projection should be tested for
reasonableness.
SLIDE 8: ESTIMATING COSTS BASED ON SCOPE
2.8.1 Determining how to scope the e-discovery project to fit the needs of the case is key when attempted to keep costs at a
minimum.
2.8.2 It is always wise to start with the smallest possible scope and increase only as necessary. E-Discovery project scoping must
be done efficiently.
2.8.3 For example, figuring out how to ensure that material is only reviewed one time can exponentially save on cost.
SLIDE 9: IMPACTS OF TIME ON THE E-DISCOVERY BUDGET
2.9.1 Time is another factor to consider because more time allows for:
extra testing of search terms,

refining the scope,
fine-tuning data coding,
planning more carefully,
testing different approaches,
greater cost control,
improved consistency; and
fewer number of reviewers.
2.9.2 In short, more time allows for a more thorough and effective review of the ESI, and will also likely reduce the overall cost of
the e-discovery project.
2.9.3 Conversely, a reduction in the time frame will likely increase costs.
SLIDE 10: VENDORS AND TECHNOLOGY CHECK TRANSITIONS AFTER FIRST IMAGE
2.10.1 The costs of any retained third-party service providers must be considered and included in the e-discovery budget.
2.10.2 Some vendors can offer a combination of services, while others may offer only one. Solicit bids from a number of different
vendors to obtain the most competitive price.
2.10.3 Vendor proposals must be scrutinized to ensure that all costs identified in the bidding process are included in the vendor's
proposal.
2.10.4 It is important to remember that most vendor proposals are subject to negotiation.
2.10.5 Special attention should be paid to long term storage or hosting fees. An attorney or e-discovery consultant with experience
in evaluating proposals should interpret the vendor proposals and create a comparative cost spreadsheet.
SLIDE 11: THIRD PARTY PROVIDER EXAMPLE: COMPUTER FORENSIC SERVICES
2.11.1 It is becoming more common for computer forensics experts to be engaged early in the discovery process.
2.11.2 Thus, being able to identify cases that will benefit from the use of computer forensics at the outset can help save costs in
the long run.
2.11.3 Understanding what a computer forensics expert does and how their services can benefit a case is essential.
2.11.4 Click on the buttons to learn more.
Button Interaction
WHAT IS COMPUTER FORENSICS? (Button)
Computer forensics is the science of interpreting digital data, both active and deleted, to help determine how data was created,
altered, and deleted.
Oftentimes, a computer forensic investigator is employed to preserve digital data, analyze digital data to provide context of specific
information, and recover deleted data (such as email or documents) in order to identify the "smoking gun" to the litigation or
provide evidence of spoliation.
It is important to note that their profession is not limited to computer data. Computer forensic investigators are known to work with
cell phones, tablets, GPS devices, black-box technology, and practically any other digital device you can imagine.
WORKING WITH COMPUTER FORENSIC VENDORS (Button)
Computer forensic experts typically charge imaging fees based on the amount of data being preserved and analyzed as well as
investigative hourly rates.
o Imaging Fees are those associated with copying the digital data in forensically-sound format so the computer forensic
investigator can analyze the data without altering it.
o Forensically sound means that the data is unalterable and is in the same state as it was when the data was copied.
o It is important for a computer forensic investigator to work from forensically-sound copies of digital data when performing their
analysis in order to preserve the authenticity of the data analyzed.
o In addition, if all parties hire their own computer forensic investigator to analyze the same data, it is important that they all
work with the same dataset.
Some computer forensic companies charge monthly storage fees. The storage fee is dependent on the size of the forensic image(s)
saved to their server.
Computer forensic investigators have all types of forensic software designed to assist with a multitude of tasks. For example, some
are designed to export data, recover deleted files, create reports suitable for court, and perform key-word searches of the data for
relevant files.
SLIDE 12: THE EFFECT OF CLIENT RISK TOLERANCE
2.12.1 The client's risk tolerance is also an important e-discovery cost estimate cost factor.
2.12.2 There is no one right way to design a review project but, generally speaking, there will always be a tradeoff between cost
and risk.
2.12.3 If the client is willing to incur greater risk of, for example, producing a privileged communication or irrelevant and
potentially damaging document, it is possible to design a more efficient and less expensive approach.
2.12.4 On the other hand, if the client is highly risk-averse, the project will need to be designed in a way which minimizes risk,
which will necessarily raise costs.
SLIDE 13: LIMITING COSTS
2.13.1 The relative complexity of the issues in the case will have direct impact on the cost of e-discovery.
2.13.2 This factor is largely impossible to control, but must be factored to any cost estimate.
2.13.3 If the issues are simple and few in number, the review can likely be accomplished more quickly than if the issues are
complex.
Button Interaction
Methods of Limiting Volume (Button)
Culling the ESI document type.

De-duplication of ESI to exclude or suppress exact copies of particular document.
Elimination of system files.
Application of search terms and date limitations.
Custodian Selection (Button)
It is possible to start with a narrow view.

Expand only if and when necessary.
A methodology of moving from limited to expanded review sets is efficient because each set of materials will need to be reviewed
once as ESI is added to it.
Tracking ESI Reduction (Button)
It is critical to keep a record of the material which was not captured initially for review.
Any additional ESI to be reviewed can be taken exclusively from this subset of the entire dataset.
SLIDE 14: BUDGET ASSUMPTIONS
2.14.1 Assumptions are an important part of an e-discovery budget.
2.14.2 Assumptions are based on various factors and are often based on metrics provided by the client.
2.14.3 Budgets based on assumptions derived from actual data are likely to be more accurate.
2.14.4 This is likely to be a helpful metric. All assumptions should be stated explicitly in the budget.
SLIDE 15: BUDGETING FOR THE REVIEW PROCESS
2.15.1 It is essential to design the structure of the review.
2.15.2 STRUCTURE:
The complexity of the coding schema (that is, the number of tags the reviewers will be applying).
The sophistication of the privilege issues presented by the facts of the case.
The number of passes of review that are anticipated.
Button Interaction
Coding Schema (Button)
If the coding schema for the documents is complicated, with many decision points, the review will be more time-consuming
and therefore more expensive. However, a complicated coding schema may be the most efficient way to organize the
review.
Privilege Log (Button)
The number of redactions required as well as the time to create a privilege log should also be considered when developing
the structure of review.
Privilege issues can range from the straightforward, to elaborate and complex. Creating a privilege log (also known as a
Vaughn Index in FOIA) is a crucial but time consuming step in the process.
Review (Button)
Finally, it may be appropriate to design a multi-phased review process. For example, starting with a first-pass review might
be conducted by contract attorneys followed by a second review of the proposed production documents by the trial team
itself may be appropriate in cases that involve a large volume of data.
SLIDE 16: MODULE SUMMARY
2.16.1 As you have learned, there are many tactics and factors to control the cost of an e-discovery process. These include:
Knowing the custodians, volume of data, scope of discovery, and time limits
Keeping clear and open communication with all parties, including your client, opposing counsel, and third-party
vendors
How to reach agreement with all parties involved in the process
How to solicit bids from vendors
The advantage of phased production
How to analyze data from key custodians
2.16.2 Congratulations! You have completed Module 2 of this course. Take a short quiz below to test your recall of the subject
covered.
3.1.1 Hi, it’s Amy. This is module 3 and it covers project planning.
SLIDE 2: LEARNING OBJECTIVES
3.2.1 Project planning may be the most critical phase of the e-discovery process. In this module, you will learn how to:
Use schedules such as Gantt charts to plan and report progress within the project environment.
Identify key players on the e-discovery team.
Build an e-discovery documentation folder (which is a critical element of the planning process).
Implement and use record management policies.
Hire third-party e-discovery vendors.
Use a data map to identify, preserve, and produce data.
3.3.2 Project planning is part of project management, which relates to the use of schedules such as Gantt charts to
plan and report progress within the project environment.
3.3.3 Data mapping is the process of creating a document which lists all of the IT systems used by all employees, and
all onsite, offsite and paper document storage locations, including back-up media.
3.3.4 A third-party vendor is a party that provides services, including e-discovery software or services to improve or
augment the e-discovery process.
3.3.5 You should now understand the following terms: Project Planning, Data Mapping and Third-Party Vendor.
SLIDE 4: PROJECT PLANNING
3.4.1 Project planning may be the most critical phase of the e-discovery process.
3.4.2 Proper project planning can drastically reduce your overall e-discovery costs.
3.4.3 There are several key elements to the project plan which must be accounted for early in the process in order to
prevent surprises later.
3.4.4 While everyone's methodology will be slightly different, your project plan should account for at least the
following elements:
First, Members of the e-discovery team: Personnel costs are a major factor of your budget, particularly
during the review process, and will have a major bearing on the success of your project.
Second, Third-party vendors: Depending on the services provided, third-party costs can represent the bulk
of your e-discovery budget, and must be planned for early. It is also suggested to obtain quotes from at
least several different vendors to ensure competitive pricing.
Third, Elements of the e-discovery folder: The e-discovery folder will contain many of the variables and
choices made for the project, such as: the technology processes used: the culling methodology; the
processing of data, the review methodology, and the production formats.
3.4.5 Click here for more information on Gantt Charts.
Pop-Up Layer
A Gantt chart is an essential tool for project planning. Gantt charts illustrate the start and end dates of various
elements within a project and coordinate all of the interrelated pieces within an e-discovery project.
SLIDE 5: BUILDING THE E-DISCOVERY TEAM
3.5.1 Let's look at a few of the key players on the e-discovery team.
3.5.2 Click on each team member to learn more about their role.
Button Interaction
Attorney (Button)
Uses specialized e-discovery legal knowledge and training to provide specific advice and oversight on
discovery issues and monitors compliance with legal holds.
Must be knowledgeable of legal rules surrounding discovery.
Must be knowledgeable about complexities involving ESI.
May be in-house or e-discovery counsel.
Client Contact (Button)
Staff member point-of-contact who provides guidance on internal company workings, assists with litigation
hold procedures, and serves as the link between the client, attorneys, vendors and other members of the
team.
Someone from responding party who can provide guidance on internal company workings and contact
personnel.
Serves as link between internal and external teams.
Should usually come from in-house legal personnel (if available in-house).
Assists with locating and collecting ESI, and conducting custodian interviews.
Processing Personnel (Button)
Once ESI is identified and collected, it is processed, using software tools to reduce and eliminate unneeded
data and target only relevant ESI. Processing personnel can include attorneys, litigation support staff and IT
staff.
Must process ESI through software tools to reduce data volume before next stages of review.
Client contact and attorney(s) need to assess individual needs of case to determine:
o Whether additional software or outside vendor is necessary.
o Which software to license and/or vendor to engage.
IT Personnel (Button)
Understands the technical workings of the responding party's various computer systems and data, including
e-mail clients, databases, servers and backup systems.
Larger entities - already employed as IT staff.
Smaller entities - may need a Third-party provider to provide guidance.
Must have basic understanding of legal process and requirements of discovery.
Forensic Collection Personnel (Button)
Some teams engage a forensic examiner for digital collection and technical analysis using practices and
procedures designed to create a legally defensible collection.
Forensic collection personnel may be called to testify about the work performed and how it was executed.
Used in rare but important circumstances where it may be necessary to perform forensic analysis.
In-house certified forensic examiners or outside vendors.
Hosting Vendor (Button)
May be engaged to host the data depending on factors such as:

o The volume of data to be processed and reviewed.
o Sharing of review tasks across various groups of persons, often in multiple physical locations
o Arrangements between the parties on the method and format of production.
Factors to consider when deciding whether to engage third-party hosting vendor:
o E-discovery capabilities of and limitations of in-house or outside counsel.
o Large volume of ESI to be processed and reviewed.
o Need to share review tasks across geographically-separated personnel.
o Agreements about method and format of production.
o e-discovery capabilities of a hosted, managed platform and in-house platforms with less robust
features
SLIDE 6: USE OF THIRD-PARTY SERVICE PROVIDERS
3.6.1 Different service providers offer a combination of services or only one of them.
3.6.2 Ensure that each service provider is applying the same assumptions to the project and providing similar
information and method of pricing.
3.6.3 Third-party service providers are available to assist with virtually every step of the e-discovery process, but are
most often used for: Collecting ESI, culling (reducing) ESI, Processing ESI, Hosting the ESI on a review platform
and providing personnel to conduct the actual review. Often, overall costs can be reduced by using a provider
with end-to-end tools and processes, since they tend to provide cost breaks when using them for more tasks.
One high quality, end-to-end provider can also streamline the discovery process.
3.6.4 A third-party service provider will convert the post-review documents to an imaged form of your choosing and
create the associated files. You should scrutinize proposals to ensure that all identified costs are included and
that the service provider's cost variables are understood.
3.6.5 An attorney or e-discovery consultant with experience in evaluating proposals should interpret the proposals
and create a comparative cost spreadsheet.
3.6.6 Service provider costs must be included in the overall e-discovery budget once the service provider or service
providers are selected.
SLIDE 7: E-DISCOVERY DOCUMENTATION FOLDER SECTIONS
3.7.1 The e-discovery documentation folder is a critical element of the planning process.
3.7.2 A complete e-discovery documentation folder should include sections on: preservation and identification,
collection, processing, review, review documentation and production.
Button Interaction
Preservation and Identification (Button)
Steps taken to identify location of information (including systems and custodians)

Notes of witness and IT interviews
Custodial surveys
Copies of documents reviewed to determine scope of legal hold (e.g., organizational charts)
Legal hold communication
o Recipients, confirmations, follow-ups
Collection (Button)
Tracking forms for collection effort

Consistent custodian questionnaires
o Specific places where ESI is stored
o Questions about other potential custodians
o Relevant date range(s). Different custodians often have different relevant date ranges.
o Potential key words (e.g., project names)
Track exactly what material was copied and original path location
Starting point for chain-of-custody
Processing (Button)
Analysis of ESI to determine

o Strategy
o Required specifications
o Required load files
o Quality control plan
o Processing fees
o Due dates
Processes such as de-NISTing, de-duplication, near de-dupe, domain filters, etc.
Exception reports generated by software indicating unprocessed files (e.g., unimagable files such as video or
audio files, encrypted, corrupt, unsearchable files which should be OCR'd, etc.)
ESI not passed on for further review
Culling methodologies
Search terms
Review (Button)
Planning session to determine

o Strategy = Technology-Assisted Review (TAR) v. manual review
o Budget
o Deadlines
TAR or Predictive Coding
o Requires a well laid out plan to ensure review is legally defensible
o Conducted by a small number of attorneys
Very knowledgeable about facts of case
Training the software by coding samples of documents
Review computer-coded sample to determine accuracy
Re-train software as necessary until pre-determined percentage of certainty is met
Review Documentation (Button)
Review protocol
Background of case
Complete instructions for review
What producing party has agreed to produce
Detailed list of criteria for reviewers
Responsiveness
Privilege
Mechanical instructions relating to tagging
Review team training
Instructions as to exactly what decisions they will be required to make
Must be consistent among all team members
Copies of pleadings (e.g., complaint, answer, early motions, and document requests)
Legal memoranda
Review team monitoring
Assisting reviewers
Continuation of training
Production (Button)
Planning meeting to discuss specifications and identify deadlines

Production plan should include:
o Form of production (i.e., native, near-native, image, paper)
o Searchable text
o Load files
o Data files
Retain records of correspondence including production shipments and receipts for shipping
Tracking log reflecting what material was produced, on which kind of media (CD, DVD, etc.) and how it was
transmitted
Confirmation of receipt
Statistical quality check of production media
SLIDE 8: RECORD MANAGEMENT POLICIES
3.8.1 Record management policies employ steps taken by the client to preserve data, especially in the case of a legal
event.
3.8.2 The policies should also outline retention and destruction practices to support business needs, such as everyday
operations and compliance audits.
3.8.3 Record management policies must also respond to the legal requirement to retain information which may be
relevant to reasonably anticipated or actual litigation.
3.8.4 When identifying potentially relevant ESI, remember: Use data maps or data surveys of IT systems, conduct
periodic surveys of an organization's digital landscape and document who has access to which records and
where the records are located.
SLIDE 9: DATA MAPS
3.9.1 Data maps are useful when responding to discovery requests and during the Rule 26 "meet and confer"
conference.
3.9.2 They list the IT systems used by employees, onsite and offsite, and paper document storage locations, including
backup media that may contain responsive documents or data.
3.9.3 Survey the organization's IT systems and data to determine: Type of documents stored, security and access
controls, format and reporting capabilities, backup, archival, purging processes and schedules and audit-trail
capabilities.
SLIDE 10: BUDGETING
3.10.1 Budget will be covered several times in this course, but it is such an important aspect that we will also cover it
here as it deals with project planning.
3.10.2 E-Discovery may be the most expensive part of any litigation. Assumptions must be stated explicitly.
3.10.3 Some of the cost drivers are: volume, scope, timing, risk tolerance, and the level of open communication with
the opposition.
3.10.4 In order to control costs, consider the principles of proportionality to set a budget proportional to the case. The
producing party should calculate the maximum amount of money appropriate to spend proportional to the
potential financial awards likely to come from the case.
3.10.5 Click each of the buttons to learn more about each cost-driver.
Button Interaction
Volume (Button)
Largest cost driver.

Volume can be measured by:
o Number of custodians
o Volume of ESI for each custodian
You should refer to volume in terms of megabytes and gigabytes rather than pages.
Scope (Button)
Start with smallest scope and increase only as necessary.

Avoid approaches that will require duplication of effort if scope is expanded later.
Try to start with a small number of custodians. - only require one review of each document.
Try to avoid using a small number of issues - you may trigger a need to re-review later.
Timing (Button)
Ample time reduces cost.

A short time frame increases cost because there is less time for careful planning and testing of approaches.
Better planning and preliminary testing using sampling reduces the number of needed reviewers.
Increasing the number of reviewers increases cost, since each reviewer has a learning curve and it is
impossible to achieve complete consistency across reviewers.
Risk Tolerance (Button)
There is always a tradeoff between risk and cost.

Almost all measures to reduce cost carry some additional risk.
It is up to you to know your client's risk tolerance so discuss everything with your client to get their approval
Open Communication (Button)
If parties engage in early and open discussions of issues and reach agreements about scope and methods,
cost will always be lower.
SLIDE 11: MODULE 3 SUMMARY
3.11.1 In this module, you should have learned:
Basic project management including the use of schedules such as Gantt charts to plan and report progress.
The role of various members of the e-discovery team, including: Attorney, client contact, processing personnel,
IT, and forensic collection personnel.
The role of third-party vendors.
How to obtain quotes and control vendor costs.
The elements of an e-discovery folder, such as the technology processes used, the culling methodology, the
processing of data, the review methodology, and the production formats.
How to follow the classic EDRM steps: preservation and identification, collection, processing, review, review
documentation and production.
The role of record management policies to preserve data.
Using data maps in the Rule 26 "meet and confer" conference.
Employing the principles of proportionality to set a budget proportional to the case.
3.11.2 Congratulations! You have completed Module 3 of this course. Take a short quiz below to test your recall of the
subject matter covered.
Chapter 4: Information Management Litigation Readiness
4.1.1 Hi, it’s Amy. This is chapter 4 and it covers information management litigation readiness.
4.2.1 In this chapter you will learn about Information Management and Litigation Preparedness. To understand these topics you
will learn the essential questions to ask about digital records. These include:
What is ESI?
Where is stored?
How safe and secure is it?
Who controls the ESI?
How long should records be kept?
What cost factors need to be considered?
In addition, you will learn about:
Managing a litigation hold

Litigation readiness planning
How to manage data for employees who have left an organization
4.3.2 “Information Management” is a systematic business process for managing information: classifying, storing and deleting
electronic and paper-based information so that it is retained only while it has significant business value and can be deleted
before it becomes an operational or legal liability.
4.3.4 “Litigation Readiness” precedes Identification as the first step in electronic discovery. It is a non-legal term that does not
relate to a specific matter and represents a preparedness or pre-litigation state. It facilitates the actual activities involved
when a suit is filed or litigation is anticipated. Taking the time to prepare policies and procedures for eDiscovery in litigation
allows an organization to avoid labor and time-consuming activities involved with identifying relevant data when a suit is
filed.
4.3.5 “Structured information” is pre-defined, as in a database, with fields for name, address, social security information, or
constraints on what can be entered.
4.3.6 “Unstructured” information exists where there are no constraints on the file organization or contents, such as word
processing documents or e-mails saved on a computer’s hard drive or on a network server.
4.3.7 “Accessible” data is active and useable data.

4.3.8 “Inaccessible” data must undergo a restoration process in order to be displayed on computer screen. ESI on backup tapes is
often considered inaccessible.
4.3.9 You should now understand the following terms: Information Management, Litigation Readiness, Structured and
Unstructured Information.
SLIDE 4: RECORDS AND INFORMATION MANAGEMENT POLICIES AND PRACTICES
4.4.1 One important way for individuals to stay organized is to create an eDiscovery documentation folder. Large corporations
may use dedicated software and hardware to organize eDiscovery documents and decisions.
4.4.2 Having a separate folder is a great way to provide a valuable repository of critical information about eDiscovery for the
case.
4.4.3 This will assist in proper management and defensibility of the project at a later date.
4.4.4 Another way to stay organized is to document every important action or decision.
4.4.5 Keep detailed and complete documentation of the critical decisions and actions during the project.
4.4.6 Tracking and record keeping is very important when it comes to discovery project management.
4.4.7 Track the progress of the case and produce a record to demonstrate what was done, by whom, when and how it was done.
4.4.8 Being able to show how work was performed is especially important if the eDiscovery practices are challenged.
SLIDE 5: INFORMATION MANAGEMENT & LITIGATION READINESS
4.5.1 As the business value of information decreases, the relative costs and risks to maintain the information increases.
4.5.2 Litigation readiness is also referred to as "proactive e-discovery" because, as mentioned, it encompasses the policies,
procedures and steps an organization has in place to follow when and if a litigation event occurs.
4.5.3 There are a few questions that need to be asked about an organization's ESI and its environment. These questions fall
within the scope of Information Governance which addresses a need larger than litigation readiness. They are: What is it?
Where is it? How safe and secure is it? Who controls it? Why do we need it? How long do we need it? What does it cost to
keep it?
4.5.4 On the next few slides, we will look more closely at these questions.
SLIDE 6: WHAT IS IT?
4.6.1 The first question is, “what is it?” or what kind of ESI your organization creates and stores.
Button Interaction
Readiness (Button)
Information management and litigation readiness involves ESI or paper-based documents.
Formats (Button)
ESI comes in a large variety of formats and file types, including Windows or Apple formats.
ESI can be Word, Excel, PowerPoint or .pdf files, e-mails, photographs, database reports and really, any type of electronic
file that contains information.
Structure (Button)
ESI can be structured or unstructured, accessible or inaccessible
SLIDE 7: WHERE IS IT?
4.7.1 The second question is, where is it?
Button Interaction
Locations (Button)
ESI can be located on personal hard drives, USB (thumb) drives, file shares, SharePoint and other content management
systems, corporate SANs (Storage Area Networks) smartphones, tablets, in the cloud, or in any location where information
can be stored.
Data Map (Button)
A data map is an inventory of corporate ESI or paper, making clear data locations and types of ESI, system administrators,
data retention periods and backup schedules, and any other information clarifying where relevant ESI is located and who
has control of it.
Accuracy (Button)
Having an accurate data map of an information environment makes eDiscovery activities more manageable by lowering risk
of oversight, saving time looking for ESI and thereby reducing costs. A data map can also help in making claims of “not
reasonably accessible data” protected under Federal Rules of Civil Procedure Rule 26(b)(2)(B).
SLIDE 8: HOW SAFE AND SECURE IS IT?
4.8.1 How safe and secure is it, is the third question.
Button Interaction
Failure (Button)
Critical information can be subject to theft or loss due to hardware and software failures, as well as events like fires and
floods.
Access (Button)
Security procedures limit access to sensitive corporate data and authorized users should receive training on how to handle
the data and ensure their passwords are regularly changed.
Loss (Button)
Procedures for disaster recovery (DR) and business continuity planning (BCP) should be in place to mitigate against the risk
of loss.
BackUps (Button)
Policies should define how often backups are performed and how long they need to be retained before the media can be
reused.
Third Party (Button)
Before any movement of data to third-party cloud storage providers, due diligence should be done to assess the safety and
security of the storage provider’s facilities, and to determine how they would respond to and what they charge for
eDiscovery requests by the information owners.
SLIDE 9: WHO CONTROLS IT?
4.9.1 Different people manage the information depending on where it is stored.
Button Interaction
Corporation (Button)
A corporation may have ESI in numerous locations, including on computers, shared servers, document management
systems, in databases or on other corporate devices. Many of these storage locations are managed centrally, on an
enterprise level. Corporations have IT and network specialists who maintain the ESI.
Corporations can have third party providers of storage, such as a cloud storage providers, with whom they contract to
provide storage, maintenance, security and retrieval services. The corporation has a high degree of control over ESI
maintained by these providers, and may still be held liable for damages resulting from security breaches of data in cloud
storage.
Individual (Button)
ESI can also be managed locally on personal laptops, smartphones, tablets, e-mail folders or e-mail archives, by individuals,
who are often referred to as “custodians.” Individuals can also have cloud email and document accounts such as iCloud,
Gmail and yahoo accounts.
SLIDE 10: WHY DO WE NEED IT?
4.10.1 The following are reasons why we need information management and litigation readiness.
Button Interaction
Business Need (Button)
The information owner is the primary stakeholder for a particular information type and should have a business need for it.
Retention Period (Button)
The information owner should also decide when it no longer needs to be retained or no longer needs to be collected.
This does not necessarily mean that it can be deleted when the retention period is over. In highly regulated industries (such
as banking, securities, and pharmaceuticals) there is often a need to retain information long after it has served its business
purpose in order to comply with laws and industry-specific regulations.
Retaining Information (Button)

In banking, some information will need to be retained for 7 to 10 years. Life insurers need to retain policy documents and
information for about 100 years.
SLIDE 11: HOW LONG DO WE NEED IT?
4.11.1 The next question is how long do we need it?
4.11.2 Business units (BU) may work with a Records Management department to determine how long different classes of
information should be retained before deletion.
4.11.3 Some companies are establishing Information Governance Committees, drawing representation from departments such as
risk management, compliance, legal, I.T. and various BU's to oversee the process.
4.11.4 In some companies (estimated 20% to 30%), information is retained indefinitely and never deleted. This increases costs and
risks.
4.11.5. Any information that is being preserved for litigation must be retained until all claims are resolved and the hold is lifted.
SLIDE 12: WHAT DOES IT COST TO KEEP?
4.12.1 What does it cost to keep, is the final question.
4.12.2 There are many different kinds of costs and risks associated with retaining information.
4.12.3 While direct storage costs may be going down, total costs (and risks) associated with data retention are going up because
unstructured data growth in companies is increasing tremendously - 30% to 70% annually, according to EMC's IT Service
Management Practice.
4.12.4 These costs and risks include:
4.12.5 Management and maintenance costs of original and backup storage.

4.12.6 Costs of operations staff and infrastructure to maintain primary and backup storage.
4.12.7 Risks and costs associated with increased operational complexity due to higher data volumes, e.g., tighter back-
up schedules, time and effort to upgrade storage capacity, greater difficulty managing growth.
4.12.8 Costs of providing data security.
4.12.9 Risks of data loss and security breaches.
4.12.10 Risks of increased legal liability and eDiscovery costs.
SLIDE 13: LITIGATION HOLD PROTOCOL
4.13.1 A Litigation hold is a directive to preserve ESI and documents that are potentially relevant to a matter.
4.13.2 Issuance of a litigation hold is required at the outset of litigation or whenever litigation is reasonably anticipated.
4.13.3 A litigation hold may also be issued for actual, imminent, or anticipated governmental regulations.
SLIDE 14: LITIGATION READINESS PLAN
4.14.1 Having a litigation readiness plan is a must. A good readiness plan has procedures for creating and implementing legal hold
as soon as the trigger event occurs.
4.14.2 It should also provide the release of the hold as soon as the preservation obligation has been lifted.
4.14.3 A litigation readiness plan establishes procedures for periodically monitoring or reissuing a litigation hold to ensure
recipients remember their litigation hold. A litigation hold may be expanded or modified during course of legal action.
SLIDE 15: DEPARTING EMPLOYEES
4.15.1 Organizations must track departing employees to ensure ESI under litigation hold is not lost or taken when an employee
leaves the company.
4.15.2 Efforts must be taken to ensure that potentially relevant information is not improperly deleted or that the departing
employee's hard-drive is not re-purposed and given to another employee.
4.15.3 Regular retention and deletion policies which govern ESI of employees must be suspended as soon as it is known that an
employee has left the company when under legal hold or other preservation obligation. Any policies in place to preserve
ESI of departed employees should be implemented immediately.
SLIDE 16: DOCUMENTING THE HOLD
4.16.1 In a legal hold, certain documents will be essential to defend potential challenges to the effectiveness or scope of the
preservation efforts. They are:
1. The legal hold notice and any updates to it;

2. Evidence of distribution of the legal hold notice, including the list of recipients, confirmations of receipt and follow-up
communications;
3. Notes of witness interviews; and
4. Copies of company documents, such as organizational charts.
5. The data map
6. Documents that track the timing of all decisions, including later ones, including the reasoning behind any decisions not
to preserve a particular collection of ESI
4.16.3 Federal Rules of Civil Procedure Rule 30(b)(6) allows a party to have a corporate employee of another party give testimony
about their legal hold and all the decisions around it. Having a well-documented hold will make preparing for such a
deposition much easier and reduce the opposing party’s chances of finding the hold insufficient.
SLIDE 17: CHAPTER 4 SUMMARY
4.17.1 There are a few questions that need to be asked about an organization's ESI and its environment. They are:
What is it? (ESI comes in a large variety of formats and file types, including Windows or Apple formats).
Where is it? (ESI can be located on personal hard drives, USB (thumb) drives, file shares, SharePoint and other content
management systems, corporate SANs (Storage Area Networks) smartphones, tablets, in the cloud, or in any location
where information can be stored.)
How safe and secure is it? (Critical information can be subject to theft or loss due to hardware and software failures, as
well as events like fires and floods.)
Who controls it? Why do we need it? (Different people manage the information depending on where it is stored. It is
important to identify these relationships.)
How long do we need it? (The information owner should also decide when it no longer needs to be retained or no
longer needs to be collected.)
What does it cost to keep it? (Information retention specialists and IT need to analyze the cost of keeping records over
time.)
4.17.2 In addition, you have learned:
A Litigation hold is a directive to preserve ESI and documents that are potentially relevant to a matter.
Having a litigation readiness plan is a must. A good readiness plan has procedures for creating and implementing legal
hold as soon as the trigger event occurs.
Organizations must track departing employees to ensure ESI under litigation hold is not lost or taken when an
employee leaves the company.
matter covered.
Module 5: Litigation Hold Implementation
5.1.1 Hi, it’s Amy. This is module 5 and it covers litigation hold implementation.
5.2.1 In this module you will learn about Legal Hold Planning, Elements of a Legal Hold, Data Retention, Scope of Product,
Business Impact and Safe Harbor. You will learn:
What is a litigation hold

How to implement a hold with minimal interruption to business practices.
Who is subject to a hold order
How to identify and capture relevant data sources
How to limit the scope of a hold order
How to put a legal hold or litigation readiness plan in place before litigation arises
SLIDE 3: GETTING STARTED
5.3.2 A litigation hold is a directive requiring a company or other party to a lawsuit to preserve all data which may relate to a
legal action involving the company or party. It should be understood that an individual can also be directed to implement a
“litigation hold.”
5.3.3 A “non-custodial” data source is a source not associated with a specific person. Examples include shared drives,
collaborative workspaces, and dynamic databases.
5.3.4 Network Infrastructure. The computer software and hardware environment developed and in use by the entity storing the
data. It is important to understand the network infrastructure and where potential ESI might be held. Data Maps can be
critical in locating data sources. You should have IT personnel in charge of the storing network at your disposal to resolve
any ESI issues.
5.3.5 Data Retention. An entity’s policies related to Information Governance dictate the period of time that data is usually
retained during normal business operations.
5.3.6 Defensibility. In the context of litigation holds, defensibility means understanding how your opposition, judge, jury, or
regulator will view your litigation hold process in light of applicable legal requirements. While perfection is not the
standard, your actions will need to seem reasonable given the information available at the time of the action.
5.3.7 You should now understand the following terms: Litigation Hold, Non-Custodial Source, Network Infrastructure, and Data
Retention and Defensibility.
SLIDE 4: LITIGATION HOLD PLANNING

5.4.1 A litigation hold can apply to nearly everyone in the company, however, it is a good idea to limit and refine its scope as
narrowly as possible. Interview those in particular who know the case and the company.
5.4.2 During this phase, only interview people identified as key players and ask them who else is likely to have potentially
relevant ESI.
5.4.3 You should also interview both the personnel who manage the content, and those who manage the electronic
implementation environment or network infrastructure.
5.4.4 Also, during this phase, it is important to consider the most common types of ESI and places where they are stored. The
most common forms of ESI are e-mail (including files and archived), office-type documents, and spreadsheets.
5.4.5 Make sure you consider PC hard drives, handheld devices, DVDs, "thumb" drives, smartphones, tablets, as well as private
locations like home computers and private e-mail sites, such as Google, Yahoo, Hotmail, and social networking sites.
Organization charts and data maps are a valuable resource, however, use caution because data maps can get out of date
very quickly. Ensure the data map is verified with the IT staff you interviewed.
5.4.6 Make sure IT staff understands the nature of each of the company's ESI infrastructure. If your client is an individual, you
must ensure they understand all the ways they can accidentally overwrite or delete potentially relevant ESI.
SLIDE 5: ELEMENTS OF A LEGAL HOLD
5.5.1 A legal hold or litigation readiness plan provides guidance for implementing a legal hold. Ideally, a litigation hold plan is in
place before litigation arises.
5.5.2 An effective litigation hold process includes several key elements. The written notice itself, Distribution, Response, Follow-
Up Interviews, Periodic Reminders, Release Notice and Tracking Reports. Effective litigation hold notices are understood by
the custodians who receive them, so draft hold notices in lay terms for custodians with no IT background.
Button Interaction
Written Litigation Hold Notice (Button)
Hold notice is usually written; oral notices are not usually defensible
Consider whether the notice needs to be produced in other languages
Have 2 or 3 "key" people review the hold notice for clarity and correctness
State all subject matter clearly
Create a standard form for use in all litigation holds, but recognize when it should be modified for the
specific facts and ESI in your matter
Distribution Of The Hold Notice (Button)
Have a defensible , i.e. current and relevant list of recipients
Distribution to overly broad groups (e.g., the entire organization) can lead to non-compliance or
misunderstanding
o Employees may ignore it
o Some courts have ruled broad distribution "inadequate"
Use reliable and verifiable distribution e.g. e-mail or printed notices.
Response From Custodians To The Hold Notice (Button)

It is generally considered a best practice to require recipients to confirm receipt and understanding
Use e-mail, "voting" buttons or other software tools to confirm receipt
o Simple “read” receipts are not ideal
Follow-up with anyone who does not confirm receipt or seems confused
Follow-up regularly throughout the life of the matter and document each follow-up
Follow-Up Interviews With Custodians Who Received The Hold Notice (Button)
Some judges have determined that follow-up interviews of recipients of hold notices are necessary to:
o Confirm they received and read the hold notice
o Ensure they understand the hold
o They agree to abide by hold instructions
o Answer any questions the custodians may have about compliance
Document all these processes during the interview
Periodic Reminders (Button)
It is common to perform regular follow-up interviews and/or send reminders

o Monthly or quarterly is common
Some case law requires litigating attorney to take "affirmative action" in monitoring the hold
Document actions, including distribution dates, recipients, interviews, and verification
Release Notice (Button)
Releasing custodians from a litigation hold is important, as it lets companies return to a normal document
retention schedule, and allows individual parties to use the device or data without fear of spoliation
Ensures custodians do not become overly burdened
Hold plans should say who is authorized to release the hold and under what conditions
Holding ESI that is outside the regular retention plan risks it being subject to holds in other cases.
Litigation holds require corporate resources to implement and maintain, so it is important to allow the ESI to be
deleted or archived based on normal ESI retention schedules as soon as possible to simplify operations and conserve
resources
Tracking Reports (Button)
You need a reliable and consistent method or application for tracking all litigation holds across all matters for a
client
o Defends hold process(es)
o Tracks responses and those not responding
o Reports all persons under hold for a specific matter
o Reports all holds an individual person is under
o Retains historical data and does not delete data related to a matter, even when the matter is settled
or otherwise resolved
SLIDE 6: LEGAL HOLD NOTICE
5.6.1 Earlier, we discussed the steps of a legal hold. One of them was distribution.
5.6.2 Click on each button to each more.

Button Interaction
Distribution of Hold Notices (Button)
Notices sent to large groups of people or company-wide are much more likely to be ignored or
misunderstood and are disfavored by courts
For individuals under multiple holds, an individually addressed hold notice is likely more effective than multiple
hold notices
E-mail is an accepted means of distribution; ideally it will require a response from the custodian that proves it
was received and understood
Consider the use of specially designed litigation hold software system to send and track litigation hold notices
Designate Help for ESI Custodians (Button)
Identify a point person, by providing a phone number and/or e-mail address, so custodians have a contact to
direct their questions and concerns
o Preferably someone inside company who knows the terminology, business, and matter at hand
o Have contact(s) fluent in the custodians' spoken language
o Ensure prompt response to all questions
Document and pass any concerns to appropriate person
Instructions to Custodians (Button)
Assume minimum technical expertise

Include step-by-step instructions for implementing the hold
Explain accessing and saving documents to a particular location. You should assume you need to preserve
MAC (Modified, Accessed, Created metadata)
Explain how to preserve individual e-mails
Provide alternate locations for storing items (e-mail boxes may fill up)
Provide contact information for someone in technical support
Have a typical user test hold instructions
Cautions for Allowing Custodians To Preserve Their Own Data (Button)
Courts have criticized the practice of allowing individuals who are stakeholders in the outcome of the case to identify,
preserve or collect their own data, since they arguably lack the necessary objectivity to collect all of what is relevant
and responsive
Custodians who are individuals do not think about documents and evidence the way legal professionals do. They
cannot be expected to identify and preserve all the ESI that could be relevant to a case
Custodians who are not IT professionals or trained in searching and managing ESI arguably do not have the necessary
technical skills or experience to preserve it in a manner that maintains the integrity of the metadata or ensures it is not
accidentally overwritten or deleted
If email collections can be preserved by IT staff from a backend server, they should be. Custodians who have relevant
email can delete it from their mail accounts.
When parties are individuals, strongly consider whether to hire a professional vendor to help them identify and
preserve relevant ESI. The standard for preservation is not lower because a party is an individual, and not a company.
Confirmation of Receipt Of The Hold Notice (Button)

As discussed earlier, it is important to document efforts in the processes of implementing the litigation hold
Who received it
When received and read
Assurance that individual read and understood the hold notice and agrees to abide by it
Regular review of hold to see if scope has changed (requiring changing the notice and/or adding more
custodians)
Regular notice and possible reaffirmation from individuals under hold that they understand and are
following hold
SLIDE 7: DEFENDING A LITIGATION HOLD
5.7.1 Hold procedures may be challenged long after the hold is initiated so here are a few ideas to ensure that the process is
legally defensible:
5.7.2 Document every action carefully including "when" and "why."
5.7.3 Document ESI sources which were considered for preservation, but discarded. The reasoning behind those decisions may
become quite important if you are later criticized by your opponent for not preserving ESI.
5.7.4 Review the hold throughout the matter as scope, claims, allegations, and issues evolve.
5.7.5 Evaluate the scope of the hold at the filing of the complaint, after the Rule 26 meeting of attorneys, at the time of written
discovery, and at regular intervals thereafter.
SLIDE 8: DATA RETENTION POLICIES
5.8.1 E-mail systems can be set to automatically delete messages after a certain elapsed time, according to the organization’s
email retention policy.
5.8.2 When preserving and collecting data from a company's communication systems (e-mail, phone, messaging, etc.) you must
consider the company’s ESI retention policy.
5.8.3 Two groups to consider interviewing and involving are the users of the data and the IT department.
5.8.4 The IT department may not only have to change their procedures, but they might even have to create new ones.
5.8.5 Interview users and custodians who can help identify data you need, and also the IT group, who can help you to preserve
and collect it.
5.8.6 Hover over each the following to learn more.
Custodians, or “Users” Of Data (Button)
Custodians may know a lot about the data itself, such as fields in a database, what information may be relevant
to the matter, and even how to create valuable reports
They understand the relationship of the data to the business.
They may know little about how the system is maintained, the back-ups and the hardware.
It Department (Button)
They understand the mechanics and technology of the system.

However, they generally are not experts on the content of the system.
SLIDE 9: PERPETUAL DATA OR OVERWRITTEN DATA

5.9.1 An organization’s IT network systems can manage new data in two ways: either by overwriting previously stored data (e.g. a
backup tape rotation) or by preserving all data in a system perpetually (e.g. an e-mail system or a database).
5.9.2 Overwritten data sources may be periodically preserved via backups and snapshots. Discuss these ESI sources with IT.
5.9.3 Regardless of whether you are dealing with perceptual data or overwritten data, you will need to work with custodians or IT
to ensure the ESI is preserved.
5.9.4 Certain information on a computer or other device can only be preserved if a forensic image is made of the device. An
example is deleted documents on a computer’s hard drive that will eventually be overwritten by ordinary use of the
computer. When the circumstances of the case call for preservation of this type of information, you must employ forensic
imaging devices before other users are allowed to be use the computer or device in the ordinary course of business.
SLIDE 10: CONSIDER THE BUSINESS IMPACT OF THE LITIGATION HOLD
5.10.1 Always strive for minimal disruption of normal business activities.
5.10.2 You can do this by considering:
How to collect once from each custodian and data source.

Using acquisition and review software tools designed to support e-discovery data.
Preserve only what needs to be preserved. Preservation requires resources, so do not over-preserve and release
preservation holds as soon as the matter is concluded
Exporting relevant data records from a database into a new, matter-specific database.
SLIDE 11: IDENTIFYING SOURCES OF ESI
5.11.1 The most common source of ESI is a custodian, however, non-custodian ESI is a critical source of ESI as well.
5.11.2 Examples of custodian data are: E-mail, personal storage on hardware devices or cloud accounts, allocated storage, private
data storage, and data associated with social networking sites used by the custodian, tablets, smartphones or even private
web-based email accounts.
5.11.3 Examples of non-custodian data are: Databases, SaaS and cloud storage providers, wikis, and shared network storage
locations.
SLIDE 12: EXAMPLES OF POTENTIAL LOCATIONS FOR ESI
5.12.1 It's always a good idea to instruct the recipient of a litigation hold that the data to be preserved may be located in a wide
variety of storage locations such as: E-mail, Desktop Drives, Portables Devices, Shared drives, Home computers, Tablets,
Smartphones, Internet storage locations, and document management systems.
5.12.2 Remember this list is not exhaustive. There are always other locations where ESI can be stored; it depends on the client,
their digital environment and the specifics to your matter.
NEW SLIDE 13: LOSS OF ESI SANCTIONS
5.13.1 Loss of ESI (and paper documents) subject to an obligation to preserve can result in a claim of spoliation. Depending on the
circumstances of the data loss, a court may order sanctions against the party who failed to preserve the information.
5.13.2 FRCP 37(e) sets out the standards for possible sanctions for loss of information under preservation.
5.13.3 If the lost data can be restored or replaced, no sanctions should be imposed.
5.13.4 If the lost data cannot be restored or replaced AND the opposing party is prejudiced by the loss of that data, the court may
impose sanctions “no greater than necessary to cure the prejudice.”
5.13.5 Only upon a finding of a party’s intent to deprive their opponent of the use of the information in litigation, the court may
impose the more severe spoliations sanctions: adverse inference instruction or dismissal/default judgment.
5.13.6 Negligence, even gross negligence, will not be sufficient for the imposition of the most severe sanctions
5.14.1 A litigation hold is a directive requiring a company or other party to a lawsuit to preserve all data which may relate to a
legal action involving the company or party. Ideally it will:
Be done with minimal interruption to business practices.

It can apply to nearly everyone in an organization
It is best to limit and refine the scope of a hold order
5.14.2 In order to implement a hold:

Interview those in particular who know the case and the company
Put a legal hold or litigation readiness plan in place before litigation arises
5.14.3 Hold procedures may be challenged long after the hold is initiated. To ensure that the process is legally defensible:
Overwritten data sources may be periodically preserved via backups and snapshots
Discuss these ESI sources with IT and identify data custodians
5.14.4 Be aware of the standards for the imposition of sanctions for spoliation.
covered.
Module 6: Project Management
6.1.1 Hi, it’s Amy. This is module 6 and it covers project management in the context of e-discovery.
6.2.1 In this module you will learn the mechanics of e-discovery Project Management. You will learn the following topics:
Building the e-discovery team

Working within the Federal Rules of Civil Procedure
Managing non-party e-discovery
Budgeting the e-discovery process
Documenting the process with the EDRM
Evaluating a client’s risk tolerance
Controlling costs and averting risk
6.3.2 Project management is the discipline of planning, organizing, motivating, and controlling resources to achieve specific goals.
6.3.3 Specification is a description of what to produce.
6.3.4 The e-discovery folder is a repository of all information relating to the e-discovery project you are working on. There are
several sections to this folder, and it must be tracked closely throughout the project.
6.3.5 A subpoena is a request for documents or for a person to appear in a legal proceeding.
6.3.6 You should now understand the following terms: Project Management, Specification, e-discovery Folder and Subpoena.
SLIDE 4: BUILDING THE E-DISCOVERY TEAM
6.4.1 Anyone involved in e-discovery work, regardless of their role, must be aware of the ethical considerations that may arise.
6.4.2 Attorneys are held to professional standards established by the American Bar Association (ABA) and adopted (sometimes
with modifications) by each state's bar association.
6.4.3 Currently, there aren't any explicit electronic discovery-related ethical rules for lawyers, but there are general model rules
of professional conduct that are implied in various aspects of the discovery process, which include the ABA Model Rules of
Professional Conduct, Rule 1.1 Competence, Rule 3.3: Candor Toward the Tribunal, and Rule 3.4: Fairness to Opposing
Party & Counsel
6.4.4 When handling ESI, the value of a particular piece of information might not be readily apparent to even the most
scrupulous practitioner.
6.4.5 In the past, courts imposed extreme sanctions against parties and attorneys for e-discovery failings and violations. With the
change in FRCP 37(e), that trend is likely to reverse.
SLIDE 5: FEDERAL RULES OF CIVIL PROCEDURE
6.5.1 We have previously discussed the Federal Rules of Civil Procedure, so we will move through this quickly.
6.5.2 Under the Federal Rules of Civil Procedure, ESI is discoverable if in "possession, custody or control" of a party.
Button Interaction
Control (Button)
"Control" in the rule indicates that in some circumstances it is not necessary for the producing party to actually possess the
ESI, but merely that it have some legal right to direct the treatment of it, including its preservation, collection, review, and
production.
Non-Party Respondent (Button)
In some instances, potentially relevant ESI will be held and maintained by a person or entity not a party to the matter, even
if it is considered in the control of the producing party.
SLIDE 6: RELATIONSHIP OF PRODUCING PARTY AND NON-PARTY
6.6.1 The relationship between a producing party and a non-party has two potential structures.
6.6.2 The first is when the ESI belongs to, or directly involves, the party from which the ESI is being sought.
6.6.3 An example of this is when a party to an investigation or lawsuit has been asked to produce ESI stored in a cloud application
and belonging to the producing party, which it provides for collaborative writing and reviewing of documents on its internal
servers.
6.6.4 The second situation is when ESI belongs to a non-party, but is nevertheless potentially relevant to the matter.
6.6.5 An example is when the ESI belongs and relates solely to a non-party, but it is nevertheless potentially relevant to the
matter, such as credit card transaction data or telecom customer billing records.
SLIDE 7: “NON-, OR THIRD-PARTY CONTRACTUAL RELATIONSHIPS
6.7.1 A contract between a client and a non-party is likely to address both parties' rights, so it is important that the document is
reviewed.
6.7.2 If you are a party in a lawsuit and in a contractual business relationship with a party that may possess relevant data, there
are a few things you must do, which include notifying that party immediately if a preservation obligation arises and
documenting your interaction(s) with that party.
6.7.3 Follow-up with face-to-face meetings, and ask about data structure, storage technology, and any ESI auto-destruction
policies. Document confirmation of the party's preservation activities, in writing if possible. It is a best practice
recommendation to interview appropriate personnel about these issues to fully understand the ESI and the storage systems
and to confirm they understand their preservation obligations
SLIDE 8: WHO BEARS THE COST?
6.8.1 When it comes to data hosted by a non-party, the main question is, “who pays?”
6.8.2 There are two ways to answer that question.
6.8.3 The first way is to specify who will bear the discovery costs. If there is no contract, or if the contract does not specify costs,
then the parties should negotiate.
6.8.4 Courts are usually sympathetic to non-parties, so expect the courts to likely side in favor of the non-party and to minimize
their costs.
6.8.5 However, courts expect non-party hosting companies to anticipate and plan for ESI identification and collection, so plan
accordingly.
SLIDE 9: PRODUCING “RAW” DATA
6.9.1 Non-party hosts may want to produce raw data to the producing party, and let them process, review, and produce it.
6.9.2 However, this method may be impractical for two reasons.
6.9.3 The host may produce a large volume of ESI that the producing party does not need. There is also the risk that the host
could expose the producing party's confidential or even privileged ESI.
Static Layer
Expecting the non-party to process, review and produce ESI is often impractical for the following reasons:
Processing considerations in the context of the case are usually not well-understood by non-parties;
Non-parties will seek to minimize their costs, and cannot be expected to cull, de-duplicate or use other robust tools to cull
the irrelevant data or confidential information;
Non-parties likely do not have the requisite understanding of the issues in the case to make accurate determinations of
responsiveness or relevancy; and
Non-parties may be tempted to simply produce large volumes of irrelevant ESI along with the relevant ESI, which puts the
stakeholder party’s irrelevant ESI at risk of production, ESI which may contain confidential, proprietary or privileged
information. However, if the non-party host has to review and separate responsive and non-responsive ESI the costs can
go up significantly.
SLIDE 10: METHODS OF OBTAINING NON-PARTY INFORMATION
6.10.1 There are special considerations when dealing with non-parties.
6.10.2 Click on each of the button to learn more.
No Contract or Relationship (Button)
Situation governed by Rule 45 of the Federal Rules of Civil Procedure

Attorney can issue a subpoena in some jurisdictions
Complicated jurisdictional relationship between state and federal courts
Consult an attorney knowledgeable about jurisdiction's law
o Avoid errors in issuing, serving, and responding to the subpoena
Subpoena (Button)
Since a subpoena has the force of a court order, a Non-Party must assess a subpoena's validity and decide how to
respond
A Non-Party must respond in a timely manner, and may object and/or seek court relief
If a Non-Party objects in a federal court case, no further response is required from the Non-Party unless the
subpoenaing party moves to compel production of the ESI
Courts tend to be sympathetic to Non-Parties
Non-Parties should address the ESI issues that arise exactly as it would if it were a party to the case
Negotiate (Button)
The Non-Party can negotiate with the parties regarding:

o The Scope of ESI
o Manner of production
o Format of production
o Cost shifting or sharing
Original subpoena may be very broad due to lack of information about third-party's system
o Bring in knowledgeable attorneys for discussion
Last resort: go to the court for relief
SLIDE 11: E-DISCOVERY FOLDER
6.11.1 As discussed in a previous module, the sections of the e-discovery folder should include: preservation and identification,
collection, processing, review, and production. These are all stages of the Electronic Discovery Reference Model.
6.11.2 Since we have already gone into the e-discovery folder in depth during the project planning module, we will discuss these
sections briefly here.
Button Interaction
Preservation And Identification (Button)
Steps taken to identify the location of relevant information:

o ESI Systems and custodians
o Notes taken during custodian and IT interviews
o Custodial surveys
o Copies of documents reviewed to determine the scope of the legal hold (such as organizational charts)
Documentation must include:
o The actual legal hold notices
o Evidence of the distribution of all legal hold notices
o The lists of recipients of the legal hold notices
o Confirmations and follow-up communications with recipients of the hold notices to confirm the notices were
not only received but also understood
o Any data identified but not preserved should have documentation detailing the reasons the data was not
preserved
As the legal hold process is revisited over the course of the matter:
o Update the folder with any new legal hold notices
o Track the timing of later decisions and communications about preserved ESI, including any decisions to release
holds
Collection (Button)
It is critical to meet with legal, in-house legal, IT, records management and database management
Consider various collection strategies:
o A well-designed and executed strategy can substantially reduce collection costs
o You should consider sampling ESI to test strategies, estimate density of responsive documents and provide
defensibility to your identification process
Consistently use forms, which:
o Ensures all data is gathered from all custodians
o Improves defensibility if later challenged
o Makes later reference easier and faster
o Reduces confusion when there are multiple holds
o Leads to improvements, as continued use reveals ways to improve them
o Forms are easier and faster to fill out when the writer is familiar with the form and its format
Refer to custodian interviews and surveys for the specific places where potentially relevant ESI is stored, such as drive
locations, mobile devices and home computers.
Even though all that is preserved will not necessarily be collected, cross-check the legal hold list against the collection
list to ensure all ESI was collected
Verify the relevant date range of each custodian's or other source’s ESI
Develop a list of potential keywords to use for searching and to assist in locating relevant ESI (such as a project code
name or project number)
After collection, each collector should complete a standard form detailing*:
o Exactly what material was copied
o The exact source from where it was harvested
The collection form will provide a starting point for chain of custody documentation
It is a best practice to combine all the collection forms into a collection log, so the information is organized in one
place. The collection may be helpful to respond to “discovery about discovery” or to prepare a witness for a Rule
30(b)(6) deposition.
*This may be the most critical piece of information to track in the entire matter, since it will be virtually impossible to
perform updates to, or increase the scope of, any earlier collection without this information.
Processing (Button)
De-NISTing: cull files identified by National Institute for Standards and Technology as being standard system files
distributed by vendors (executables, OS Files, DLLs, etc.)
De-duplication: culling of duplicate copies of files
Near de-duplication: cull copies of files that contain a given percentage of duplication
Date filtering: cull files except those within a given date range (date can be modified, accessed, or created, or a
combination)
File type: cull files of given types that are expected to yield no valuable information
The “Specification” is a description of what to produce
o Might be agreed to in Rule 26(f) conference
o If not, a technical planning meeting is in order
o Parties might agree to and specify search terms, cluster concepts, and near-dupe percentage
Should include an agreed format t for production of different types of ESI. Formats can include:
o Natives and near-natives
o Searchable text
o Images, typically with Bates numbers branded on the images
o Load file(s), which should contain fields of metadata from the native files, as well as information that will
properly associate emails and attachments
o Images of scanned Paper documents
o Some files like .xls, xlsx, .csv, and .xml files are often produced natively, unless they contain redactions or
there is some other reason to withhold the cell formulas and/or metadata
o Some files, such as video and audio files, can only be produced natively
Quality control plan:
o Review culled and kept ESI
o Test culled and kept ESI with alternate techniques
o Verify kept ESI is within expectations or agreed percentages
o Stay aware of due dates/deadlines
o Get approval for changes and scope from the team lead
o Communicate all changes with opposing counsel when changes are required
If counsel has agreed to search terms, culling or searching methods, or any other parameter,
opposing counsel must be informed of changes that affect those
o Document exact techniques used and why they were chosen
o Record results of each culling operation
Track number of culled documents reviewed
o Keep culled documents
Scope may change later or new search terms may be added
Other processing may be needed
You may only need to search previously excluded documents
Culling procedure may have to be defended
Culled documents can help defend cost considerations
o Check the results of culling, and revise terms and techniques to improve precision and recall
o Culling and testing done before the Rule 26 (f) meeting may affect negotiations about what is "reasonably
accessible" and helps the attorney understand the nature of the data
o Use statistical samples to validate assumptions and statements about the efficacy of culling process
Final QC Documentation Check (Button)
Documentation should include:
o Production plan
o Correspondence regarding production shipments
o Shipping and delivery receipts
o Production Log to include descriptions of what was produced
o Details about the media used (flash or thumb drives, DVDs, drive [serial number], paper)
o How transmitted
o Dates of transmission
o Statistical checks to ensure completeness, lack of corruption, conformity to specification, timely and
accurate production
SLIDE 12: BUDGET CONSIDERATIONS
6.12.1 We have also covered budget extensively in the budget module but we will also review it briefly here as it relates to project
management. Remember, discovery costs are typically second only to the trial in project costs.
6.12.2 Many cases never go to trial, so discovery is often the largest expense for any case.
6.12.3 Because of this, the budget needs to be explicit and reviewed regularly.
6.12.4 But keep in mind that the client may not know useful metrics for the budget.
6.12.5 Design the budget with cost drivers in mind, and make sure you track volume and scope.
6.12.6 Volume is the largest cost driver and small variations can cause big changes in cost. You should think in terms of megabytes
and gigabytes, not pages, particularly since native ESI has no pagination and the conversion rate is not known until the end
of project. If a vendor bids in pages, insist on a conversion rate to better quantify your budget expectations.
6.12.7 Scope: Inaccuracy in scoping is a cost driver. Start small and expand if necessary and plan to avoid duplication of effort if
scope increases. Rather than reviewing a small number of issues with all custodians, select a small number of custodians
and review all issues with each…Always strive to review each item only once.
SLIDE 13: COST ELEMENTS OF THE E-DISCOVERY BUDGET
6.13.1 There are three major cost elements of the e-discovery budget: Collection, Number of Custodians and Volume per
Custodian.
Button Interaction
Collection (Button)
Often accomplished by the client, though so called self-collections are less defensible in court and generally not best
practices and ultimately may require a third-party e-discovery vendor. In addition, it may also require travel to different
locations by the project manager, supervising attorney, vendor personnel, and others.
Number of Custodians (Button)
If possible, adversaries should discuss and reach agreements on the initial number of custodians. The parties may
renegotiate the number of custodians after the first round of discovery.
Parties may phase discovery focusing on only key personnel first. Analysis of data collected from first custodians may be
used to target and narrow subsequent collections.
Volume per Custodian (Button)
Consider taking steps in processing to reduce volume, including excluding certain document types (on NIST list) and de-
duping documents.
Eliminate lesser included e-mail threads, define date limitations, refine search terms and implement concept clustering.
SLIDE 14: MAKING ADEQUATE TIME
6.14.1 Test search terms, analyze results, and fine-tune coding guidelines to minimize costs.
6.14.2 Better planning and preliminary testing can reduce the number of reviewers = reduced costs.
6.14.3 Reviewers have learning curves so the fewer reviewers who have to learn, the faster and more accurate the review is.
6.14.4 As a rule of thumb, reducing the number of reviewers increases consistency among reviewers, thereby reducing costs.
6.14.5 Consider predictive coding or technology assisted review for reviewing large volumes of ESI. While not appropriate for
every case or every document collection, these methods can yield high rates of responsive documents at much reduced
costs when compared to traditional searching and review approaches.
SLIDE 15: CLIENT RISK TOLERANCE
6.15.1 Risk tolerance will impact how the project is planned.
6.15.2 The client may be willing to tolerate the risk of producing a privileged document or an irrelevant and potentially damaging
document. It should be noted that it is generally not an acceptable practice to produce large volumes of ESI with no
attempt to search for and withhold privileged documents, even when an agreement is in place to “clawback” or return
privileged documents.
6.15.3 You can then design a more efficient and less expensive approach.
6.15.4 If a client is highly risk-adverse, you would design a strategy that will minimize the risk. However, it will be more expensive.
SLIDE 16: OPEN COMMUNICATION WITH ADVERSARY
6.16.1 It is a good idea to engage adversaries in early and open discussions, which are dictated by Federal Rules of Civil Procedure
and strongly encouraged by the court and Federal Rules of Civil Procedure.. These meetings help to keep costs down and
fosters a relationship between the parties.
6.16.2 During the meetings with adversaries, the following items may be discussed: Scope. Methods. Forms of production.
Unreasonable demands (for example an excessive number of or overly broad search terms). Costly forms of production.
SLIDE 17: ELEMENTS OF THE REVIEW
6.17.1 Reviews are often complex.
6.17.2 To deal with this complexity consider the following: Number of Redactions, Multiple Sets of Reviewers, Third-Party Vendors
and Complexity of Matter.
6.17.3 The number of review tags, complexity of the coding schema, and the number of decision points at which the review team
can analyze the effectiveness of the review.
6.17.4 Click each of the buttons to learn more.
Button Interaction
Considerations (Button)
Consider time to create and maintain privilege log

Testing may help estimate
Multiple Sets Of Reviewers
Contract attorneys for first pass

Trial team and involved legal staff for proposed production
Third-Party Vendors
Can help with all phases

May offer combined services
Solicit bids
Review for completeness and consistency of services
Special attention to long-term storage and hosting fees
Bids need to be reviewed by attorney or consultant experienced in reviewing bids
Costs must be included in budget
Complexity of Matter
Complexity of the coding schema:

Number of passes of review will affect the bottom line
If the coding schema for the documents is complicated, with many decision points, the review will be more
time-consuming and therefore more expensive
Sophistication of the privilege issues presented by the facts of the case
The most efficient way to organize the review may be with numerous decisions during a single pass review
rather than through separate review phases
Complexity of privilege issues: straightforward vs. elaborate (e.g. joint defense and common interest issues
between different parties)
Redaction of personal and confidential information can be extremely labor intensive, sometimes so much so
that it becomes a significant percentage of the total cost of review.
6.18.1 Project management is the discipline of planning, organizing, motivating, and controlling resources to achieve specific goals.
By now you should have an understanding of the following e-discovery Project Management skills:
Building an e-discovery team

Understanding the implications of the key rules in the Federal Rules of Civil Procedure
Managing non-party relationships
Budgeting the e-discovery process, and
Evaluating a client’s risk tolerance
Implications of the ABA Model Rules of Professional Conduct:
Rule 1.1 Competence
Rule 3.3: Candor Toward the Tribunal
Rule 3.4: Fairness to Opposing Party and Counsel
Building an e-discovery folder around the Electronic Discovery Reference Model
The three major cost elements of the e-discovery budget:
Collection
Number of Custodians
Volume per Custodian
How to control cost and complexity of the review process
covered.
Module 7: Legal Framework and Obligation
7.1.1 Hi, it’s Amy. This is module 7 and it covers legal framework and obligation.
7.2.1 E-discovery professionals need be aware that the failure to manage electronic evidence in litigation can
adversely affect a matter and result in sanctions, such as monetary fines, adverse jury instructions or other
forms of discipline handed down by a Court. In this module you will learn about the ethical duties you need to
live up to in order to effectively manage e-discovery. These include:
Protecting attorney-client privilege

7.2.2 You will also learn about the following ethical obligations that will come into play in any civil or criminal matter:
Competent Representation
Candor
Confidentiality
Protecting Work Product
Fee Sharing
Conflict of Interest
Unauthorized Practice of Law
7.3.2 Discovery about discovery is an inquiry into the management of the discovery process.
7.3.3 A custodian is anyone who holds data subject to discovery. Nearly every employee of every company is a
potential custodian.
7.3.4 Non-party respondent is an individual or entity that is not a party to the case but has been subpoenaed for ESI
relevant to the matter.
7.3.5 When referring to ESI, control means the legal power a responding party has over ESI being held by a non-party.
7.3.6 You should now understand the following terms: Custodian, Non-Party Respondent, Control and Discovery
about Discovery.
SLIDE 4: OBLIGATION: DATA PRESERVATION

7.4.1 E-Discovery requires affirmative steps be taken to preserve data and information.
7.4.2 Counsel must fully educate the client regarding the requirements of discovery and take independent steps to
verify completeness and accuracy.
7.4.3 Individuals and entities have the duty to preserve potentially relevant documents as soon as there is reasonable
expectation of a legal event.
7.4.4 The failure to preserve electronic data after the reasonable expectation of litigation has arisen can affect the
litigation adversely and result in sanctions, such as monetary fines, adverse jury instructions or other forms of
discipline handed down by the Court.
SLIDE 5: CONSIDERATION: UNITED STATES FEDERAL RULES OF PROCEDURE (FRCP)
7.5.1 The US Federal Rules of Civil Procedure were amended in 2006 to address a number of key issues confronting
the legal system as a result of the growing use of electronically stored information.
7.5.2 The scope of discoverable material expanded to include electronically stored information.
7.5.3 Stated the need for early consideration of the issues relating to electronic discovery in a case.
7.5.4 The consideration of the costs and burdens in attempting to obtain certain electronically stored information
from sources that are not reasonably accessible.
7.5.5 The procedure for asserting a claim of privilege or work product protection after production.
SLIDE 6: FRCP 26 (A)
7.6.1 We've previously covered the meet and confer duty rule, but we will review it again as it pertains to this module.
7.6.2 The Federal Rules require attorneys to "certify" both discovery requests and responses in the attorney's own
name, taking responsibility for the matter certified.
7.6.3 The attorneys' signatures certify that the requests are:
7.6.4 Warranted to the best of the person's knowledge by existing law or by a non-frivolous argument for
extending, modifying, or reversing the law, or for establishing new law.
7.6.5 Not put forth for any improper purpose such as harassment, unnecessary delay, or needless increase in
the cost of litigation.
7.6.6 Not unreasonable nor unduly burdensome or expensive, in light of the needs of the case, prior
discovery in the case, the amount in controversy, and the importance of the issues at stake in the action.
7.6.4 At the very least, the parties must meet and confer to discuss: initial disclosures, preservation of data issues, as
well as their discovery plan.
SLIDE 7: PRESERVATION OBLIGATION
7.7.1 Preservation obligation refers to the duty to protect ESI against inappropriate alteration or destruction.
Button Interaction
Preservation Obligation (Button)

Ensures that ESI is protected against inappropriate alteration or destruction
o Legal hold obligation and plans
o Identifying sources of ESI
o Spoliation of evidence and potential sanctions
o Documentation of preservation efforts
Disclosure Requirements (Button)
Preservation Disclosure Requirements under the FRCP

o Rule 26 (a)(1) governs "initial disclosures"
o Under the initial disclosure rule, parties must make available to each other certain initial information
at the beginning of the case without a formal discovery request
Legal Hold Obligation (Button)
If a party does not issue a proper legal hold on data, relevant ESI could be lost and give rise to claims of
spoliation
If the court determines relevant data has been lost, it has the discretion to impose a wide variety of
sanctions to help the non-spoliating party
SLIDE 8: OBLIGATION: REVIEW AND ANALYSIS
7.8.1 A review is conducted to distinguish relevant from irrelevant information, to protect privileged material, to
improve attorney-client communications, and to ensure for quality control.
7.8.2 According to FRCP Rule 26: "Parties may obtain discovery regarding any non-privileged matter that is relevant to
any party's claim or defense and proportional to the needs of the case, considering the importance of the issues
at stake in the action, the amount in controversy, the parties’ relative access to relevant information, the
parties’ resources, the importance of the discovery in resolving the issues, and whether the burden or expense
of the proposed discovery outweighs its likely benefit."
7.8.3 Review Obligation Considerations:
Waiver of Privilege
Protective Order
Clawback Agreement: agreement that inadvertent production of privileged material will not constitute a
waiver
Quick Peek Agreement: No effort to weed out privileged material up front but agreement that privileged
material identified through requesting party’s review may nevertheless be withheld from use in the case.
7.8.4 The Federal Evidence Rule 502 generally establishes that inadvertent production will not result in waiver.
Further, FRE 502 encourages use of protective orders including clawback agreements.
SLIDE 9: OBLIGATION: PRODUCTION
7.9.1 Parties should agree on a form of production at the outset of discovery, ideally at the earliest stage of discovery.
This is an example of another topic to be discussed during the Meet and Confer.
7.9.2 Under Rule 34, the requesting party may specify a format, to which the producing party may object and offer an
alternative format.
7.9.3 Rule 34 of the FRCP states that the format must be either the form in which it is ordinarily maintained in the
usual course of business or a reasonably usable form.
SLIDE 10: OBLIGATION: ETHICAL CONSIDERATIONS
7.10.1 Lawyers have several specific ethical obligations. They are:
7.10.3 Competent Representation: The legal knowledge, skill, thoroughness and preparation reasonably necessary for
representation.
7.10.4 Candor: A lawyer shall not knowingly make a false statement of material fact to any member of court.
7.10.5 Confidentiality: An attorney must respect the confidentiality of his or her client's affairs.
7.10.6 Protecting Work Product: Protects materials prepared in anticipation of litigation by or at the direction of an
attorney from discovery by opposing counsel unless the requesting party shows a substantial need and has no
other avenue to obtain the information
7.10.7 Fee Sharing: The practice of sharing fees with professional colleagues in return for being sent referrals.
7.10.8 Conflict of Interest: Occurs when an individual or organization is involved in multiple interests, which could
possibly corrupt the motivation for an act in the other.
7.10.9 Supervision: Any lawyer having supervisory authority over another lawyer ensures that the other lawyer
conforms to the Rules of Professional Conduct.
7.10.10 Unauthorized Practice of Law: The doing of a lawyer's work by a non-lawyer.
SLIDE 11: OBLIGATION: DOCUMENTATION
7.11.1 Staying organized and keeping complete records is very important.
7.11.2 Follow these steps to ensure that all of your records are clear and organized.
7.11.3 Keep detailed and complete documentation of critical decisions and actions.
7.11.4 Track the progress of the case and produce a record to demonstrate what was done, by whom, when and how it
was done.
7.11.5 Being able to show how work was performed is especially important if the e-discovery practices are challenged.
7.11.6 Create an e-discovery documentation folder to provide a valuable repository of critical information about e-
discovery in the case. This will assist in proper management and defensibility of the project.
7.12.1 In this module you have learned about your obligations under the Federal Rules of Civil Procedure. These
include:
Protecting attorney-client privilege

7.12.2 In addition, your ethical obligations fall under the following broad categories:
Competent Representation: The legal knowledge, skill, thoroughness and preparation reasonably necessary
for representation.
Candor: A lawyer shall not knowingly make a false statement of material fact to any member of court.
Confidentiality: An attorney must respect the confidentiality of his client's affairs.
Fee Sharing: The practice of sharing fees with professional colleagues in return for being sent referrals.
Conflict of Interest: Occurs when an individual or organization is involved in multiple interests, which could
possibly corrupt the motivation for an act in the other.
Supervision: Any lawyer having supervisory authority over another lawyer ensure that the other lawyer
conforms to the Rules of Professional Conduct.
Unauthorized Practice of Law: The doing of a lawyer's work by a non-lawyer for money.
7.12.1 Congratulations! You have completed Module 7 of this course. Take a short quiz below to test your recall of the
subject matter covered.
Module 8: Collection Planning and Implementation
8.1.1 Hi, it’s Amy. This is module 8 and it covers e-discovery collection, planning, and implementation.
8.2.1 Now that we have studied your ethical obligations and practice management techniques, we’re going to look at how to put
all of the pieces together and implement an effective e-discovery plan. You will learn about:
The ESI collection processes, including targeted acquisition, write-protection, and verification
Using hash values and collections from unallocated or dead space
Who can conduct ESI collections: the client, custodians, or a third-party
Forensic collections, including making a forensic copy of a hard drive
Collections from Cloud computing, ephemeral storage or temporary storage
Creating a reasonable collection strategy: one that addresses what ESI should be collected, when the ESI should be
collected, and how the ESI should be collected
8.3.2 Collection is the process of gathering and assembling ESI for review. The process may also include forensic collection.
8.3.3 A hash value is an algorithm generated from a string of text, which represents a unique value for a specified set of data, like
a digital fingerprint or a VIN number for a car.
8.3.4 Dead space (or unallocated space) is the areas of a hard-drive not allocated to active data. Data still exists in these areas
but it is often fragmented or in unusable formats.
8.3.5 A shared network resource is a device or folder on a computer that can be remotely accessed from another computer.
8.3.6 You should now understand the following terms: Collection, Hash Value, Dead Space, and Shared Network Resource.
SLIDE 4: ESI COLLECTION PROCESS
8.4.1 There are three components of the ESI collection process. They are: whole or targeted acquisition, write-protection, and
verification.
8.4.2 A Targeted Acquisition will only collect specified files based on custodial designation (all files in an particular user’s inbox,
for example), or by applying search terms or other filtering criteria, such as date range or file type.
8.4.3 Write-protection prevents writing to a file during the collection process and maintains the integrity of the file metadata
associated with each document.
8.4.4 Verification is complete when the hash values of the original files are confirmed as being the same as the hash values of the
acquired copy of each file.
SLIDE 5: ESI COLLECTION PROCESS: WHO IS INVOLVED?
8.5.1 Collecting ESI can be accomplished by the client, custodians, or a third-party gathering ESI for further use in the e-discovery
process.
Button Interaction
Client (Button)
Once documents or files have been preserved, collection can begin

Transfer or acquisition of data for review
Includes: Servers, PCs, Macs, Linux, Windows, iOS, Android, handheld devices, tables, databases (financial, CRM, ERP),
structured and unstructured data
Custodian (Button)
Proper planning and careful implementation can reduce time & money spent
Proper collection can guard against future disputes
Process must be defensible, proportionate, efficient, auditable and targeted
Third-Party (Button)
May impact and expand the scope of the discovery process

May provide feedback for the identification of further collections
Collection costs can be significant
SLIDE 6: UNDERSTANDING UNALLOCATED SPACE AND METADATA
8.6.1 Unallocated space is where deleted files are relegated, and where many applications store temporary files while the
application is in use.
8.6.2 Preserving data in unallocated space requires forensic collection using special software tools.
8.6.3 For active data, there are two types of metadata, system and file metadata, and each have different jobs.
8.6.4 System Metadata is data involving the architecture of a computer system. Time stamps of when file was last modified,
accessed, and created as well as where the file is physically located in the volume.
8.6.5 File Metadata is data about a file and is stored within the file, including information like the printed date and time,
timestamps, author information, and edits.
SLIDE 7: VALIDATING COLLECTION OF ESI
8.7.1 There are two aspects to validating the collection of ESI.
8.7.2 They are: (1) validating that all ESI has been collected, and (2) validating the authenticity of the ESI collected.
8.7.3 Validating that all ESI has been collected. Over-inclusive collection of ESI, coupled with repeatable, documented, and
defensible methods to cull and search ESI, will be most effective.
8.7.4 Validating the authenticity of ESI collected. There are two validation methods: (1) creation of documentation (the chain-of-
custody log) and (2) testimony by the ESI collector about what was done.
SLIDE 8 SHARED NETWORK RESOURCES

8.8.1 Shared network resources are devices, files, or other data shared throughout the network.
8.8.2 Examples of shared network resources are: e-mail servers, document servers, file servers, and other numerous resources
shared across the network.
SLIDE 9: SERVER TYPES
8.9.1 There are dozens of different server types.
8.9.2 However, two of the most important server types for e-discovery are document servers and file servers.
8.9.3 Document Servers: maintains imaged and native documents and shares resources with multiple users.
8.9.4 File Servers: Contains common electronic documents created by users, such as files created with Microsoft Word, Excel,
PowerPoint and Adobe PDF. There are two ways to collect data from a file server: forensic collection software and targeted
acquisition
SLIDE 10: FORENSIC COLLECTION
8.10.1 Forensic collection makes a forensic copy of a hard drive that includes every bit of data on that drive, including data in
unallocated spaces.
8.10.2 One constant is the need to have detailed and complete documentation of the critical decision and actions made during the
collection process.
8.10.3 Whether or not a file server should be forensically collected depends on the nature of the investigation. Most often,
though, collecting the active data and relevant network shares is appropriate.
8.10.4 If extracting an event, log, intrusion, or other time critical event, forensic imaging of the entire server may be necessary.
SLIDE 11: FORENSIC COLLECTION PROCESS
8.11.1 Normal collection processes generally involve straightforward copying that maintains the integrity of the metadata of the
ESI as it exists on the system.
8.11.2 Because forensic collections are much more invasive and inclusive, there is a greater risk of disclosure of information that is
either irrelevant to the matter or protected by privilege claims.
Button Interaction
Protocol (Button)
The protocol must also provide for a means of verifying the integrity of the work that has been done by maintaining an
untouched mirror copy of the inspected materials.
A forensic protocol must ensure that the process is carried out in a way that will produce reliable information
consistently, so the individual conducting the collection can testify. This is distinct from a forensic process, which
incorporates a much deeper examination of a multitude of different kinds of data on a device.
There are no standard protocols for forensic inspection. The forensic protocol created by the parties must therefore
mitigate the risk of disclosure of irrelevant or protected information.
Parties and courts generally consider the same issues when crafting protocols:
o Qualifications and objectivity of the inspector
o Methods that the inspector(s) will use
o Detailed sets of instructions for exactly what is subject to inspection and copying
o A means of verifying the integrity of the work
Software (Button)
The software and process used must, at least, be capable of write-protecting the files during the collection process and
maintaining the integrity of both the system and file metadata associated with each file/document.
Forensic collection software not only makes a bit-for-bit copy of a disk, it will also collect every file on a server, unless a
logical forensic collection is done. A logical collection might be of a mapped drive on a physical hard drive, collecting
the files that are mapped but not the entire drive.
Defense (Button)
The degree of forensic defensibility will be vary for different ESI collections. This decision must be made on an
individual basis depending on the cost, accessibility, and needs of the case.
It is important to maintain rigorous chain-of-custody controls that document all collection steps, from initial access to
the point of storage or processing, and ensure that nothing about the data is altered or degraded.
Forensically Defensible Collection: a forensically sound collection will preserve all potentially relevant metadata that
may be used by the trial team in its claims. This collection type utilizes a "write-blocker" to prevent alteration of source
media when a device is attached to retrieve the data.
A collection by a third-party vendor will often be the best method for bad faith or extremely high risk cases.
SLIDE 12: DATA IN THE CLOUD: WEB-BASED STORAGE AND E-MAIL
8.12.1 Cloud computing refers to storing, accessing, and producing files and data from Internet-based resources.
8.12.2 Virtual hosting and cloud computing are variations of off-site hosting of data accessed by a network connection, VPN, or
otherwise.
8.12.3 If the producing party uses cloud computing, there might be evidence of documents that meet search criteria but the actual
documents are not found on local storage media or computers.
8.12.4 It is generally improper in civilian litigation to seek to collect data directly from the Internet Service Provider (ISP).
8.12.4 Click here to learn more about data held by the ISP.
Static Layer
Web-based mail, such as Yahoo or Gmail, is hosted on the ISP's server rather than a company's e-mail server.
Web mail account holders may consent to the export of their mail from the ISP's server, but the ISP may not be required to
grant access to the data.
The best method of collecting web-based e-mail is to direct a discovery request (or, if a non-party, a subpoena) to the
owner of the data, who will then access and produce the data directly.
SLIDE 13: FLASH, TEMPORARY AND EPHEMERAL DATA STORAGE
8.13.1 Ephemeral storage is another term for temporary storage.
8.13.2 Flash media such as thumb drives and temporary storage devices leave behind artifacts and sometimes applications that
indicate what activity was being conducted.
8.13.3 Almost all the data accessed across the network will leave Temporary Internet Files, or digital records of data’s movement.
8.13.4 When a storage device is connected to a computer, the computer keeps track of the device type, manufacturer, serial
number, and other unique identifiers of that device in the computer's registry. Such information may be collected if
needed in a particular case through forensic methods.
SLIDE 14: THE DATA OF INSTANT MESSENGER WEBSITES
8.14.1 Yahoo Messenger, ICQ, and MSN Messenger leave logs of entire conversations by default, including friends' usernames, in
common areas of the hard drive.
8.14.2 That means a conversation with a friend or co-workers might be automatically logged by a computer.
SLIDE 15: COLLECTION STRATEGY
8.15.1 A reasonable collection strategy must address what ESI should be collected, when the ESI should be collected, and how the
ESI should be collected.
8.15.2 What must be collected: the total universe of potentially collectible ESI will usually have been defined during the process of
formulating the internal preservation directive or litigation hold. The universe usually consists of four main categories of
data locations: Individual employee files, Department/group files, Enterprise databases, and Backup media
8.15.3 When it must be collected: not all data identified for preservation needs to be collected right away. Some data may never
need to be collected. Collecting all data that has been preserved may unnecessarily inflate costs and overwhelm the legal
team with irrelevant data.
8.15.4 How data should be collected: once the timing of collection from a data location has been decided, the legal team must
assess what level of forensic defensibility should be employed for the collection.
8.15.5 Use of a collections checklist can ensure the uniformity of collection across cases and can insulate the party and law firm
from sanctions later.
SLIDE 16: QUALITY CONTROL
8.16.1 In general, broad collections, coupled with repeatable, documented, and defensible methods to cull and search ESI are
most easily documented.
8.16.2 Courts are increasingly sensitive to the costs of e-discovery and the concept of proportionality, which should be taken into
account when assessing the scope of the collection.
8.16.3 In some cases, the use of software tools will aid in validating the collection of ESI. Failure to use commonly accepted
methods and technologies may expose the client to additional risk, cost and time.
8.16.4 If a dispute arises about the integrity of a piece of information, the hash value of the current data can be compared with the
originals.
SLIDE 17: COLLECTION TIPS
8.17.1 These are a few tips to remember when handling the collection, planning, and implementation processes:
When wrongdoing is suspected, don't sneak-a-peek at a computer without forensic collection.

Don't wait or delay to preserve a device.
Don't assume that mobile devices are the same as computers.
8.17.2 Additional tips to remember are:

Always document the process.
Never assume that a device is not encrypted.
Do not save time/money by using traditional file copy methods.
Don't process everything at one time.
Test and sample different search terms and expressions.
Examine foreign language types.
8.18.1 In module 8 you have learned the following terms and practices:
Collection: the process of collecting assembling ESI for review.

Hash value: an algorithm generated from a string of text, which represents a unique value for a specified set of data,
like a digital fingerprint or a VIN number for a car.
Dead space: area of a hard-drive not allocated to active data. Data still exists in this area but it is not in a familiar
format.
Shared network resource: a device or folder on a computer that can be remotely accessed from another computer.
Targeted Acquisition: collecting specified files based on custodian designation (all files in an inbox, for example), or by
applying search terms or other filtering criteria, such as date range or file type.
Who can conduct ESI collections: the client, custodians, or a third-party
E-Discovery validation: confirming that all ESI has been collected.
Forensic imaging: making a forensic copy of a hard drive that includes every bit of data on that drive, including data in
unallocated space.
Cloud computing: storing, accessing, and producing files and data from Internet-based resources.
Ephemeral storage or temporary storage.
Reasonable collection strategy: one that addresses what ESI should be collected, when the ESI should be collected, and
how the ESI should be collected.
matter covered.
Module 9: Data Processing
9.1.1 Hi, it’s Amy. This is module 9 and it covers data processing.
9.2.1 In this module you will better understand the following topics in the context of e-discovery:
Data Processing
Pre-Processed Data
Processing Data
Metadata
9.2.2 In order to successfully process data in e-discovery, you must understand the following concepts:
How to avoid risky behavior when reviewing data.

Processing data to prepare it for compliance with a document request.
How to acquire and use metadata, or data that describes other data.
How to successfully process data as native format or image format.
Cost considerations, including:
Data Volume
Source Data
Output Specification
Production Deadlines
Managing Expenses.
How to cull or reduce data volumes before review begins.
Storing and /or disposing of data at the end of a matter
9.3.2 Data processing takes ESI in its native format, and prepares it for review.
9.3.3 Pre-processed data is referred to as "source data" or "raw data."
9.3.4 Processing data re-purposes the custodian's documents from their original business use and prepares them for compliance
with a document request.
9.3.5 At the most basic level, Metadata is data that describes other data. Some information that is considered metadata are:
authorship, classification, dates, track-changes, etc.
9.3.6 You should now understand the following terms: Data Processing, Pre-Processed Data, Processing Data and Metadata.
SLIDE 4: DATA PROCESSING
9.4.1 Processed data typically takes one or two forms: native format, near native format or image format. NOTE: it is very
common to process data in both native and image formats simultaneously, especially where there will be a great deal of
redaction.
9.4.2 Pre-processed data is referred to as “source” or “raw” data.
9.4.3 Processed data is referred to as a “review set”.
Button Interaction
Native Format (Button)
The data remains available in its original format and can be read using either the original application or a document
viewer (such as a review database).
Image Format (Button)
The data has been converted to an image format that can be read using an image viewer. The image can be endorsed
with Bates stamps, confidentiality legends, EXEMPT markings, redactions and other annotations. The image protects
the data from modification.
Near native format is another option, where documents are converted to HTML or another format.
Typically, select metadata values are extracted from the data during processing and, if possible, all data is rendered as
full-text searchable.
SLIDE 5: DATA REVIEW RISKS
9.5.1 Avoid risky behavior when reviewing data.
9.5.2 One example of risky behavior is when attorneys attempt to review data in its native format using native software
applications. This is usually done in an effort to save time and reduce costs.
9.5.3 This strategy usually lacks quality controls that ensure the attorney is finding and reviewing all the available data, such as
embedded objects and multiple levels of attachments.
9.5.4 Not to mention, this risky behavior will alter potentially relevant metadata and lead to spoliation if the data was not
preserved properly prior to review.
SLIDE 6: BENEFITS OF DATA PROCESSING
9.6.1 There are many benefits to processing any requested data for review.
9.6.2 A few of them are:
All source data is accessed, extracted and organized into discrete documents based on standard quality controls.
Data that is not readable by humans or is corrupted can be eliminated from the review set and accounted for on output
reports.
Exact duplicates can be identified, removed, and accounted for on output reports.
9.6.3 Additional benefits include:

Documents are made readable and searchable so attorneys can review them quickly.
Metadata can be extracted from documents and used to organize documents during review.
Documents can be loaded into a review database and coded for production.
Culling criteria can be applied to eliminate irrelevant material so that review becomes more efficient and thorough,
requiring less billable time.
SLIDE 7: CHALLENGES OF PROCESSING DATA FOR REVIEW
9.7.1 Data processing has its challenges just as any other phase of an e-discovery project.
9.7.2 A few of the challenges that an e-discovery specialist may face while processing data sets for review are:
Expense (this is the biggest challenge faced when processing data)

Time requirements - waiting for data to be processed can take a long time
Processed data requires validation and quality control before review begins
Processed data often requires special or proprietary software for review
SLIDE 8: TOOLS AND RESOURCES USED TO VALIDATE THE PROCESSED DATA
9.8.1 Collected ESI must first be entered into an appropriate software program or tool with processing ability.
9.8.2 After the data is processed, it must be validated.
9.8.3 Regardless of which entity processes the data, it is imperative that the resulting data sets are reviewed and that the process
is validated.
9.8.4 The processing software must provide logs of what was accomplished and what failed during processing.
SLIDE 9: SEARCH TERMS
9.9.1 When figuring out which search terms to use during the data review process, the e-discovery specialist must consider a few
options on methodology.
9.9.2 Click on each button to learn more
Button Interaction
Common Questions (Button)
Why do we need search terms?

o To locate relevant and eliminate irrelevant documents
o To deal with large volumes of documents
o Accuracy
o Speed
o Cost
What is being searched?
o Text of the document
o Metadata
o Attachments
o Images
How do you know if your search terms are working?
o Analyze the results
Hits
Non-hits (particularly important for privilege searches)
o Keep the non-hits for future searches if necessary
Never want to review same material twice, if possible
Search Techniques (Button)
Basic Keyword
o List of words likely to be contained in relevant documents
o Names, places, products, code words, abbreviations, misspellings
Boolean
o As used in Westlaw, Lexis, Google
o Cat AND dog
o Cat NOT lion
o Cat OR feline
o Quotations for exact phrases: ”cat food”
Proximity Searches
o Within document
o Within paragraph
o Within sentence
o Within a specific number of words
Process (Button)
Process for running searches

o Ideally, permit ample time for testing and refining
o Hits by term
Organization for review
o Hits by custodian
o Human analysis of erroneous hits and non-hits
o Counsel should determine what capabilities are available for search terms
o Formulating terms is also a big step in the search term process
Below are some examples of how to construct search-terms
o Witness interviews
o Names of key persons
o E-mail addresses
o First and last? Nicknames?
o Product/project/code names and numbers
o Consider input from opposing party
Searching beyond simple relevance
o Privilege searches
o Distribution to third-party
SLIDE 10: COST CONSIDERATIONS
9.10.1 The biggest challenge when it comes to data processing is expense.
9.10.2 When considering cost, there are a few things you may want to consider. They are: Data Volume, Source Data, Output
Specification, Production Deadlines and Managing Expenses.
Data Volume (Button)

Data volume is the primary driver of processing costs
Most data processing vendors bill according to extracted volume rather than compressed volume since the former is
the truer measure.
Volume may be difficult to estimate due to the prevalence of compressed file types in most computing environments,
e.g., PSTs, ZIP and RAR files. Hence, the data set collected from a custodian typically increases substantially during
processing as source files are extracted.
A best practice for determining budgetary needs and technical options before processing ESI is to extract all data
before processing.
Data extraction is less expensive than processing and is itself a prerequisite to full processing.
Once complete, extracted volume is known and a reliable budget can be calculated.
For unanticipated high volumes, plans of action can often be modified or re-negotiated before processing begins.
Source Data (Button)
Data that presents processing exceptions (i.e. data that cannot be processed by the software tool) can require re-
collection.
Data sets riddled with exceptions increase processing time, costs, intervention by project managers and complexity.
Common exception files are: compressed files that are password-protected, corrupt files, multi-media files, proprietary
file types and machine-readable files. These files must be resolved or accounted for on processing exception reports.
Unique or unusual files around or within a custodian’s source data can affect processing times and outputs. Often these
files will not convert to the desired output format without human intervention.
Identify custodians likely to have challenging data sets during custodian interviews: the more technical a custodian’s
business role, the more likely the custodian’s data will present exceptions during processing.
Prioritize data processing for custodians with technical jobs either at the beginning or end of your process when
possible.
Talk to these custodians about their file types during the custodian interview so that you can consider filtering files that
are not human-readable during data processing.
Output Specifications (Button)
Provide select file types in native format instead of image (spreadsheets, text files, and basic databases.)
Examples of deliverable considerations are: normalizing time zones, image endorsements, method for handling known
exceptions (e.g., substitute placeholder images for multimedia files).
Common output specifications are; Image (typically a .TIFF file), Native, Extracted Text/OCR, Metadata, and Database
load files.
“Begin with the end in mind.”
Before processing, determine the data format required for review and production. Make sure the output is compatible
with downstream needs, and draft processing specifications accordingly
Production Deadlines (Button)
The deadline will affect cost in tandem with volume, data complexities, and deliverable format requirements.
Production deadline will significantly affect project costs. Generally, the shorter the deadline, the greater the cost.
Managing Expenses (Button)
With a draft budget in hand, data processing and review strategies often have to be revised.
To move a budget past rates and towards actual, estimated dollar figures, collected data should be extracted before
committing to a review strategy.
Because volume is typically variable before processing, cost estimates are usually based on rates, not on estimated
prices for specific services.
Current practices call for using culling tools and techniques to distill a client’s data collection prior to review and
production. The data may be ingested into an early case assessment platform so it can be searched and accessed in
native format before being given to a review team. This strategy can reduce volume, cut costs and save time.
SLIDE 11: DATA CULLING VS. DATA PROCESSING
9.11.1 Sometimes, it is tricky to decide whether to cull data before collection or to process first and cull later.
9.11.2 The primary benefit of culling data is volume reduction before high-cost review begins. Depending on the platform used,
culling often occurs before data is processed to its final, production format. Still, data must be at least minimally processed
to stage it for culling.
9.11.3 The data must be made readable, searchable, and have select metadata values extracted for searching. Preparing data for
culling is generally faster, less expensive and technically easier than converting data for review and production. Culling
reduces the amount of data that must eventually be formatted for production.
9.11.4 De-duplication is the process of removing redundant files. De-duplication can be performed per custodian or across the
collection. Be careful, however, just because files are redundant does not always mean that de-duplication is a good idea.
9.11.5 De-NISTing is a technique used in e-discovery and computer forensics to reduce the number of files requiring review by
excluding operating system and off-the-shelf software applications. It’s called “de-NISTing” because those files are
identified by matching their hash values to a huge list of software hash values maintained and published by the National
Software Reference Library, a branch of the National Institute for Standards and Technology (NIST).
9.11.6 Fundamentally, data culling and data processing require similar technical procedures and quality controls – no matter that
their outputs and purposes may differ.
SLIDE 12: QUALITY CONTROL
11.12.1 When dealing with quality control, not only are there certain measures to be used when processing the ESI but critical
documents need to be used also.
11.12.2 Click the buttons above to learn more.
Measures for Processing ESI (Button)
Specifications
o Clear, accurate and complete
o Understandable to the technical reader, not just the lawyer
Validations
o Review the output reports to verify that everything ingested was exported, accounting for all items properly
eliminated during processing
o Review the export to verify that all specifications were applied correctly
Documentation
o Collect all reports on the process
o The reports will detail what data was processed, when, and subject to what criteria. Project logs should
explain why the data was (or was not) processed.
Project logs should also record problems, resolutions and identify the authority that authorized any process changes.
Critical Documents (Button)
Chain of Custody for all source files processed

Extraction Report
o Should identify total items extracted from the client’s source data and their total volume
Status Report or Overall Processing Report
o Should identify total items ingested by the system
o Should detail items eliminated when de-NISTing and de-duplicating
o Should identify total items exported
De-duplication Report
o Should identify, often by filename, all duplicates excluded from the data export and specify the identifier for
the original file that is within the export
Filtering Report
o Should specify the number of hits for each filtering criterion
Exceptions Report
o Should specify all files that did not process successfully to the specified output format
SLIDE 13: SUNSETTING PROCESSED DATA
9.13.1 When archiving a data set at the end of a matter, it is important to return to the client all source data and all exported or
production data.
9.13.2 However, the actual processed data that was extracted, filtered and prepared for export can be stored inextricably within
the processing software’s tables and might not be completely removed, only exported. It is important to understand what
is meant by removal of data.
9.13.3 Processed data is critical for future de-duplication efforts or for later broadening a production’s parameters.
9.13.4 Make sure arrangements are made with whomever did the data processing to store and maintain the actual processed data
until counsel determines all productions are complete, often years after the resolution of a case.
9.14.1 In this module you learned how to successfully process data in e-discovery, including:
How to avoid risky behavior when reviewing data.

For example, when attorneys attempt to review data in its native format using native software applications.
How to use pre-processed data, also known as "source data" or "raw data."
Processing data to prepare it for compliance with a document request.
How to acquire and use metadata, or data that describes other data.
Some information that is considered metadata are: authorship, classification, dates, track-changes, etc.
How to successfully process data as native format or image format. NOTE: it is very common to process data in both
native and image formats simultaneously.
When considering cost, there are a few things you may want to consider. They are:
Data Volume
Source Data
Output Specification
Production Deadlines
Managing Expenses.
How to cull or reduce data volume before review begins.
Lastly, you should understand how to make sure arrangements to store and maintain the actual processed data until
counsel determines all productions are complete.
covered.
Module 10: Predictive Coding
10.1.1 Hi, it’s Amy. This is module 10 and it covers predictive coding.
10.2.1 The exploding volumes of evidence available for litigation make it nearly impossible to manually review documents any
longer. In this module we will learn about technology-assisted review and predictive coding, which is the use of machine
learning technology to review electronic documents for litigation. You will learn about:
The difference between technology-assisted review (TAR) and predictive coding.

How workflows vary depending on the needs of the case
Sampling and coding a data collection.
Reviewing an initial data sample to determine yield
Reviewing documents coded by machine to verify quality
Reviewing a training set to define the coding concepts
Verifying and manually reviewing a production set
Important case law that has validated the use of computer technology in e-discovery review
Choosing the appropriate vendor for computer assisted review
10.3.2 Predictive coding is a type of computer-categorized review application that classifies documents according to how they
match concepts in sample documents.
10.3.3 Sampling is concerned with the selection of a subset of documents from within a certain scope to identify results from the
entire set.
10.3.4 Technology-assisted review (TAR) is not synonymous with predictive coding. TAR is a broader concept which encompasses
the use of a variety of software tools to facilitate a document review.
10.3.5 You should now understand the following terms: Technology-assisted review, predicting coding and sampling.
SLIDE 4: TECHNOLOGY ASSISTED REVIEW
10.4.1 For our purposes, computer-assisted review is the same as technology-assisted review.
10.4.2 Technology-assisted review (TAR) is not synonymous with predictive coding. TAR is a broader concept that encompasses
the use of a variety of software tools to facilitate a document review.
10.4.3 Some examples of TAR are: keyword searching, concept searching, clustering, discussion threading, “more like this”, near-
duplicate analysis and predictive coding.
10.4.4 Click the NEXT button to learn more about predictive coding.
SLIDE 5: PREDICTIVE CODING
10.5.1 Machine learning and statistical sampling have been around for decades.
10.5.2 Drag the slider to see the history of predictive coding within e-discovery.
Slider Interaction
2006: The 2006 e-discovery amendments to the FRCP created conditions where it was necessary to automate parts of the
document review process.
2010: In 2010, earnest efforts began for applying machine learning to legal document review.
2012: In 2012, the U.S. Federal Courts began affirming and in a few instances even requiring - the use of predictive coding.
SLIDE 6: PREDICTIVE CODING MISCONCEPTIONS
10.6.1 Before we delve deeper and discuss how predictive coding typically works, let’s address two common misconceptions.
10.6.2 MISCONCEPTION 1: predictive coding eliminates the need for culling, early case assessment, or other methods.
10.6.3 MISCONCEPTION 2: predictive coding eliminates or minimizes the role of the human reviewer.
10.6.4 Studies suggest that coding quality and consistency can be superior in the predictive coding model.
10.6.5 Click on each of the buttons to learn more about these misconceptions.
Button Interaction
PREDICTIVE CODING VS. TAR METHODS (Button)
Predictive coding is not necessarily a replacement for other TAR methods, particularly those tools used to cull blatantly
irrelevant data from a document collection before review begins. Two common examples of blatantly irrelevant
documents are (1) those outside the time period of interest or (2) those from entities outside the scope of discovery.
As we shall see, culling and predictive coding can work in tandem during document review - contingent upon whatever
workflow might be appropriate given the needs of a specific case.
REVIEWER’S ROLE (Button)
While the number of human reviewers can decrease when using predictive coding, the reviewer’s role is critical and is
at least as important as during a traditional review. The reviewer’s role now is to code all documents within the sample
set to refine the computer’s understanding of either a specific issue or the concept of responsiveness. The reviewer is
also responsible for validating the review result.
So, predictive coding changes the reviewer’s role but does not eliminate it. In the traditional model, many reviewers
who are typically distant from the actual facts of the case complete a rote, manual review. In the predictive coding
model, fewer reviewers with expert understanding of a case do the initial coding, set the standard for the review and
manage its quality.
SLIDE 7: ELEMENTS OF PREDICTIVE CODING
10.7.1 There are three critical elements to any predictive coding project. They are:
10.7.2 Human Review: Lawyers with expert knowledge of the case provide the coding definitions, review and control the
computer’s learning and assess the quality of the predictive coding that is applied to documents.
10.7.3 Workflow: Determining a defensible and appropriate sampling strategy is critically important.
10.7.4 Software: One of the first steps is to identify the appropriate analytic tools.
10.7.5 Because predictive coding generally involves the application of statistical sampling science to document review, the
selection of the service provider who will guide the sampling process is as important as the selection of the tool itself.
10.7.6 Selecting the software tool can be tantamount to selecting the vendor. The vendor will be the co-author, along with the
attorney overseeing production, of your process.
SLIDE 8: DEVELOPING A DEFENSIBLE STRATEGY
10.8.1 Workflow will vary depending on the needs of the case, the purpose of the review, the platform, time and cost constraints,
and the trial team’s preferences.
10.8.2 Many projects will involve the following steps:

Culling irrelevant and privileged documents from the collection.
Assembling a data sample. Coding the sample in a linear fashion.
Using the sample to assemble a “training set” or (”seed set”). Coding the training set.
Running the algorithm against the training set and comparing the machine coding with the human coding.
Repeating this process until the human reviewer is satisfied with the machine’s “understanding” of the coding criteria.
Running the algorithm so that the coding is applied to the rest of the collection.
Assessing the machine-generated coding. Manually reviewing the production set if desired.
Some predictive coding does not use a seed set, rather it uses continuous learning and adapts to new coding decisions.
SLIDE 9: DEVELOPING DATA SAMPLES
10.9.1 After culling, many workflows call for selecting and coding a sample from the collection.
10.9.2 The purpose of the initial sample is not to teach the system but rather to estimate the collection’s yield – that is, to see the
prevalence of responsive documents in the collection.
10.9.3 Often, but contingent upon your workflow, if there are sufficient responsive documents in the sample set (if the yield is
high enough) the sample can be used as the basis for the first training set.
10.9.4 However, since you won’t know in advance if the sample can also serve as part of the seed set, you should budget time for
reviewing both a sample and a large training set.
10.9.5 After the iterative process of training the system, the algorithm will “code” the rest of the collection. The form the coding
takes depends on the platform.
10.9.6 Some systems will actually apply the coding to the documents, some will only apply a “prediction score” or rank (leaving the
reviewers to bulk code documents with a desired score), and some will only sort or classify the documents.
10.9.7 Of course, predictive coding can be used, if desired, simply to sort, organize, or prioritize documents for review.
10.9.8 Remember: predictive coding is not a means of eliminating all manual review.
10.9.9 In a widely read case management order from July 2012, the court allowed the defendant to manually review all documents
after predictive coding but before production – to verify relevance, confidentiality concerns, and the absence of privilege.
Button Interaction
Data samples can be assembled in a variety of ways:

Convenience Sample (Button)
Assembled by gathering documents based on their accessibility.
Judgmental Sample (Button)

Assembled by applying a selected criterion (or criteria), e.g., documents from a given custodian, documents responsive to
key terms and so forth.
Random Sample (Button)

Assembled by pulling documents from the collection without considering the documents’ properties; every document has
an equal chance of getting included in the sample. A random sample, however is not necessarily a statistically valid sample.
Statistically Valid Sampling (Button)

A random sample assembled according to specific statistical criteria including the team’s required confidence level and the
acceptable margin of error.
SLIDE 10: PURPOSE OF THE LAWYER REVIEW
10.10.1 When preparing for any matter, it is critical to have a lawyer review key documents and processed data.
10.10.2 When a lawyer reviews all documents and data sets in a proposed case, they are doing the following:
10.10.3 Reviewing the initial sample to determine yield
10.10.4 Reviewing documents coded by the machine to verify quality – especially those assigned a low prediction ranking (or coded
non-responsive)
10.10.5 Reviewing the training sets to define the coding concepts
10.10.6 Verifying, and possibly manually reviewing the production set for privilege or quality control.
SLIDE 11: BENEFITS OF THE PREDICTIVE CODING
10.11.1 In a survey, respondents who had used a variety of the available tools on the market, noted surprise at how many training
iterations were needed before coding was applied correctly and consistently.
10.11.2 So make sure you always budget your resources accordingly.
10.11.3 One of the things to consider when preparing your budget are the benefits of predictive coding. They are:
Possible Cost-savings
Transparency: whether the software explains the basis for its prediction score or coding.
Confidentiality: since fewer reviewers see the documents.
Efficiency: the process can be faster, contingent upon the selected workflow and volume of documents.
Replicability: when prediction scores or coding can be recycled for future matters.
SLIDE 12: PREDICTIVE CODING: IS IT APPROPRIATE?
10.12.1 Sometimes predictive coding is not appropriate to use and other times it is.

Button Interaction
Appropriate (Button)
Cases with hundreds of thousands of documents

Cases with significant numbers of custodians
Cases with clear issues or definitions for relevance
Cases with very tight time frames
Not Appropriate (Button)
Cases with low document volumes

Cases with documents in multiple languages (depending upon the platform’s capabilities)
Records that are not text based
SLIDE 13: PROJECT CONSIDERATIONS
10.13.1 There are several key considerations that must be made before you begin a predictive coding project:
Vendor Considerations
Software Considerations
Current Case Considerations
Button Interaction
Vendor Options (Button)
Is the vendor competent and prepared to assist with workflow design and methodology – particularly when it comes
time to calculate the document totals needed for the sample and training sets?
Can the vendor help defend the workflow in court, if necessary?
Is the vendor financially solvent? Remember your case might be around for a long time. Will the vendor?
Is the application easy to use?
Software Options (Button)
Are the reasons for the software’s coding suggestions apparent or is it another instance of a “black box”?
How good are the system’s reporting capabilities?
How fast is the system?
How does the system handle additional data loads during an existing coding project?
Is it worth the price?
Current Case Considerations (Button)
How well does the application integrate with the downstream and upstream tools in use on the case - data collection,
processing, and early case assessment tools (if separate) as well as the production and exhibit repositories?
Can any of the predictive coding work product be recycled for future, similar matters?
SLIDE 14: IMPORTANT U.S. CASES
10.14.1 We are going to review two early U.S. cases that were critical to the defensibility of predictive coding.
Button Interaction
DaSilva Moore V. Publicis Groupe; 11 Civ. 1279 (S.D.N.Y. Feb. 24, 2012): (Button)
This was the first opinion to approve the use of predictive coding.
Global Aerospace V. Landow Aviation, L.P.; No. Cl 61040 (Loudon Co. Va. Cir. Ct.): (Button)
Validated the use of predictive coding and the results.
10.15.2 In this module we learned about Technology-assisted review (TAR) and predictive coding.
Predictive coding is a type of computer-categorized review application that classifies documents according to how they
match concepts in sample documents.
Sampling is the selection of a subset of individuals or documents from within a certain scope to approximate results
from the entire set.
Technology-assisted review (TAR) is not synonymous with predictive coding. TAR encompasses the use of a variety of
software tools to facilitate a document review.
Despite claims to the contrary, predictive coding does not eliminate or minimize the role of the human reviewer.
Workflows will vary depending on the needs of the case, the purpose of the review, the platform, time and cost
constraints, and the trial team’s style preferences.
After culling, most workflows call for selecting and coding a sample from the collection.
When a lawyer reviews all documents and data sets in a proposed litigation case, they are doing the following:
Reviewing the initial sample to determine yield
Reviewing documents coded by the machine to verify quality – especially those assigned a low prediction
ranking (or coded non-responsive)
Reviewing the training sets to define the coding concepts
Verifying, and possibly manually reviewing, the production set
You should choose a vendor based on the specific needs of a client or case.
A number of important cases have discussed the use of computer technology in e-discovery review:
DaSilve Moore v. Publicus Group; 11 CIV. 1279 (S.D.N.Y. FEB. 24, 2012)
Kleen Products, LLC v. Packaging Corp of America; 1:10-CV-05711 (N.D.ILL.)
Global Aerospace v. Landow Aviation, L.P.; NO. CL 61040 (LOUDON CO. VA. CIR. CT.)
covered.
ACEDS Online E-Discovery Training Script
Module 11: Data Culling
11.1.1 Hi, it’s Amy. This is module 11 and it covers data culling.
SLIDE 2: OVERVIEW
11.2.1 In this module you will learn about data culling. Data culling eliminates unnecessary data and reduces the amount of data
needed to be reviewed. You will discover:
The first step in data culling

How to validate the sources and custodians of data
The goals of successful data reduction
Common culling errors
The four steps of data reduction:
de-NISTing
Eliminating irrelevant file paths
Omitting file types
Eliminating files below a certain size
11.3.2 Data Culling eliminates unnecessary data and reduces the amount of data needed to be reviewed.
11.3.3 De-duplication is the process of removing exact copies, and sometimes near matches, from a particular data set.
11.3.4 de-NISTing removes all files on a specific list that are deemed to have no evidentiary value.
11.3.5 Early Case Assessment provides a foundation for creating overall case strategies. Considerations include the type of trigger
event, facts of the case, value of the damages, the capability of your opponent, your judge’s sophistication in e-discovery
and history of imposition of sanctions, negative inferences and other noteworthy orders and decisions, date range, key
words, case merit, risk analysis and other considerations.
11.3.6 Early Data Assessment is the process of performing tasks which provide insight to what your data looks like before it is
processed.
11.3.7 You should now understand: Data culling, De-duplication, de-NISTing and Early Case Assessment and Early Data
Assessment.
SLIDE 4: GOALS OF DATA CULLING AND DATA PROCESSING
11.4.1 There are many goals to data culling and data processing. A few of them are:
11.4.2 To determine custodians (To, from, author metadata), date ranges, duplicates, file types, file sizes
11.4.3 To reduce the overall data set in order to remove as many non-responsive, irrelevant documents as possible
11.4.4 To filter and/or search with test searches
11.4.5 To identify specific keyword searches
11.4.6 To determine the number and complexity of keywords
11.4.7 To detect 'noise words'
11.4.8 The ultimate goal of data processing and culling is to enable a defensible reduction of the number of documents that need
to be reviewed.
SLIDE 5: BEFORE DATA PROCESSING
11.5.1 The method used to cull data can be just as important as the actual culling.
11.5.2 One first step in data culling can be to sample the original data corpus in its entirety prior to culling. Sampling validates the
planned timeline, identifies the company's goals up front, uses representative data, and validates the sources and
custodians.
11.5.3 But keep in mind that this step may not be very useful for investigatory work.
11.5.4. Early Case Assessment can allow time periods to be defined. Time periods can be different for each custodian and source.
Eliminating data before and after relevant time periods reduces the data set.
11.5.5 The next step is early data assessment, which allows you to know what your data looks like before you process it, the scope
of the project, the project costs, and the effectiveness of your chosen keywords. For example, a project that contains
numerous spreadsheets would likely drive a decision to use a review platform appropriate for reviewing spreadsheets.
SLIDE 6: AGGREGATING THE PROCESSED DATA
11.6.1 Before data reduction can begin, the data must be processed, validated, and imported into the tools or software that will
be used.
11.6.2 The steps for aggregation may include: Restoration of backups or archival data sets, converting legacy items, extracting
contained or compressed files, and cataloging and indexing the data.
SLIDE 7: POTENTIAL DATA PROCESSING ERRORS
11.7.1 When processing data, the e-discovery specialist must be aware of potential errors that may occur.
11.7.2 A few of these potential errors are: No document text, or missing scanned images, encrypted files, password protected
files, and legacy or specialty formats.
11.7.3 Remember: Processing needs to be repeated until it is as error free as reasonably possible, and where it is not possible,
logged as an exception.
SLIDE 8: ACCOMPLISHING DATA PROCESSING
11.8.1 The e-discovery specialist needs effective and efficient software and other resources to handle large amounts of data.
11.8.2 Prior to any software selection being made, the entire discovery process must be considered.
11.8.3 Some questions that should be asked, negotiated and confirmed are: Is the production going to be in native format? How
many record custodians are involved? Are multiple languages involved? How much data is involved? What file types are
prevalent? How fast does discovery have to occur?
SLIDE 9: DATA DE-DUPLICATION
11.9.1 Data de-duplication is the process of removing exact copies of the same document from a data set.
11.9.2 The basic goal is reducing the amount of data that needs to be reviewed.
11.9.3 Remember the de-duplication method generally needs to be determined before data processing can begin.
11.19.4 De-duplication can be done either within a custodian's data, across all custodians’ data (also known as “global
deduplication”), by suppressing duplicates from the reviewers while keeping them in the set. Today’s document review
platforms can usually track all the custodians in possession of a single document or email.
11.9.5 Email threading is an approach that can help organizations save time and money in e-discovery. Email threading technology
reconstructs email threads, enabling the presentation of messages within the entire thread or family from which the email
originated. This can allow a review team to review the entire thread once, and not the component parts of the thread as
they built over time.
SLIDE 10: DE-DUPLICATION AND ITS APPLICATIONS
11.10.1 Remember that de-duping methods, features, and capabilities may not be available in all e-discovery products.
11.10.2 It is critical that you are able to understand and explain the deduplication method your processing software is using.
11.10.3 It is critical that you keep a detailed log of all the culling methods used on a case. Opposing counsel could ask questions or
even serve discovery about your culling methods. You may even need to prepare a witness for a deposition about it.
Button Interaction
Within-Custodian Method (Button)
This method of de-duplication will only remove duplicate files that exist more than once within a given custodian's data
collection.
If users CC/BCC themselves, the email could be present in ‘Sent Items’ and Inbox/Folder location. De-duplication would
remove all but one of the copies.
Across-Custodian Or “Global Deduplication” Method (Button)
This method removes duplicate data from the review set, with the exception of the first instance of the file. Typically
the custodian who processed the first file would typically have the 'master' version. It is a major advantage to remove
all duplicative data from document collections, saving time in review and when attorneys are running searches after
production to find specific documents.
However, there are two potential problems:

1. It may be difficult to find a surviving copy of the particular document if a custodian is removed after de-
duplication.
2. It can be misleading to produce only one copy of a document that was in many custodians' collections. On
workaround for this problem is that today, many processing and platforms allow the tracking of all custodians who
were in possession of a document and you can therefore create a production log that identifies all of the holders of
a de-duplicated document. Choose your platform wisely to take advantage of major cost savings allowed by global
deduplication.
Duplicate Suppression (Button)
This method is more commonly used once the review is completed.

The duplicates are suppressed during review and re-inserted after review.
SLIDE 11: DATA CULLING
11.11.1 You should remember that data culling is a process that is used to filter irrelevant data from collections, which helps to
reduce the overall volume of documents that need to be collected and reviewed.
11.11.2 There are two primary benefits to data culling. They are:
1. to make document reviews more efficient by allowing key documents to be identified and irrelevant
documents eliminated from the review queue, reducing costs
2. To save money in hosting charges, since most third-party vendors will charge by volume.
11.11.3 When culling is performed, the e-discovery specialist must consider different filter options and keyword searches.
11.11.4 Certain file types may be filtered out of the review set depending on the case: Pictures (i.e. jpeg, TIFF), Sound/Audio,
Corrupted files, Encrypted/Password protected files, Files with Viruses and System Files.
11.11.5 One can filter by keyword searches; however, be aware that search engines differ from vendor to vendor, software tool to
software tool.
SLIDE 12: REDUCING THE DATA SET
11.12.1 By using the correct culling method, a custodian can ensure he or she removes and accounts for irrelevant data before
processing.
11.12.3 Before data is indexed for processing, it can be culled by the following criteria: Removing all files or file types that are
deemed to have no evidentiary value. Removing all documents with certain file paths. Eliminating all files that fall below a
certain size threshold, for example, very small image files
SLIDE 13: DATA CULLING: STEP BY STEP
11.13.1 Data culling has four steps. They are:

11.13.2 Removing files that are commonly known and have been identified to be associated with system files (e.g., Microsoft
Windows, Linux, Mac OS, etc…). This process is commonly known as “de-NISTing." “NIST” stands for “National Institute of
Standards and Technology.”
11.13.3 Eliminating irrelevant file paths. This process should be given careful consideration, as folder structures of otherwise
unstructured data are often very useful in discovery.
11.13.4 Omitting certain file types that are uniquely associated with the client’s computer system, but that were not omitted in the
de-NISTing step.
11.13.5 And eliminating files below a certain size (e.g., GIF files in email).
SLIDE 14: DE-NISTING
11.14.1 As previously stated, de-NISTing is a process that removes all files on a specific list deemed to have no evidentiary value.
Button Interaction
Origin Of De-Nisting (Button)

De-NISTing is not some magical process. The name is derived from the National Institute of Standards and Technology
(NIST), which developed and maintains the list that contains millions of documents/files that are known to be associated
with computer system files.
Potential Reductions (Button)
The de-NISTing process can reduce document collections by 50% and many times up to 80% or 90% depending on the
system and actual user data.
Example: Windows 8 Size Reduction (Button)
An example of possible savings: the Windows 8 operating system contains almost 20 gigabytes of information that would
be removed by the de-NISTing process, saving time and money during review.
11.15.1 Data Culling eliminates unnecessary data and reduces the amount of data needed to be reviewed. You should have learned:
One first step in data culling is sampling. Data sampling can help teams manage proposed timetables, identify targets
up front, and validate sources of data.
Before data reduction can begin, the data must be processed, validated, and imported into the tools or software that
will be used.
When processing data, the e-discovery specialist must be aware of potential errors that may occur. Potential errors
include:
No document text
No text accompanying scanned images
Encrypted files
Password protected files
Legacy or specialty formats.
Data culling can have four steps. They are:
Removing files that are commonly known and have been identified to be associated with system files or “de-
NISTing."
Eliminating irrelevant file paths.
Omitting file types that were not omitted in de-NISTing
Eliminating files below a certain size (e.g., GIF files in email)
matter covered.
Module 12: Technology Issues
12.1.1 Hi, it’s Amy. This is Module 12 and it covers technology you may encounter or utilize when collecting source data from a
custodian.
12.2.1 In this module, you will learn that there are many places that ESI can be stored within an organization. There are also
specific technology and tactics for preserving different data types. These include:
On-premise storage
Data center storage
Cloud services
You will learn the five main methods for collecting data:
Active Collection
Forensic Collection
Self-Collection
Backup Tape Recovery
Remote Collection
You will learn how cloud storage technology changes e-discovery
Also be aware of the types of transient storage:
Flash storage
Temporary storage
Ephemeral storage
How data is overwritten and deleted
Initiating discovery from disaster recovery media
12.3.2 Cloud computing refers to the use of a network of remote servers hosted on the Internet to store, manage and process
data.
12.3.3 Robocopy is a command-line directory replication command. It is valuable because it does not alter metadata when
copying or transferring the data when certain switches are used.
12.3.4 Forensic Image Collection is a bit by bit copy, or mirror image, of the storage systems on a computer. Forensic collection is
typically done by specialized professionals. It is valuable when data is suspected of having been stolen, deliberately deleted
or otherwise compromised.
12.3.5 A client is an application installed on a desktop computer that connects to a server or web based central repository.
12.3.6 You should now understand: Robocopy, Forensic Image Collection, Client and Cloud Computing.
SLIDE 4: ESI STORAGE SYSTEMS

12.4.1 There are many places that ESI can be stored within an organization, either on-premises, in a data center or cloud service.
12.4.2 It may reside in unstructured systems or structured systems, and may exist as active data, archived, legacy, and/or deleted
data.
Button Interaction
Unstructured Systems (Button)
You can think of unstructured data storage systems as large unorganized repositories where lots of various file types and
content can be stored and managed without the format of the content file being understood by the system.
File Servers (including email)

SharePoint Sites
Laptops
Desktops
Cell Phones
PDA
Tablets
MP3 Players
Copy Machines
Voicemail Systems
CDs/DVDs/Flash Drives/External Hard Drives
Structured Systems (Button)
An example of a structured system would be a database containing rows and tables.
In addition to structured data, there is semi-structured data, which follows a set of rules but not a set of field limits. One
example of semi-structured data is chat logs. Chat logs are records of instant messaging applications, and follow a set of
rules, identifying the username of each conversant, text of the conversation, the times of each message, and in some
instances, an IP address; however, the messages themselves have attributes of unstructured data.
ARCHIVED DATA: Archived data is old data that has been placed in long term storage. An example of archived data is
backup tapes. Archived data tends to be more costly to restore and use.
LEGACY DATA: Legacy data is Information stored in an old or obsolete format or computer system that may be therefore,
difficult to access or process. Legacy data tends to be costly to convert to a format that is useable.
DELETED DATA: Deleted data requires an expert to recover from unallocated and slack space with forensic tools. Forensic
collection is more costly.
SLIDE 5: COLLECTION METHODS
12.5.1 There are five main methods for collecting data.
12.5.2 Active Collection, Forensic Image Collection, Self-Collection, Backup Tape Recovery and Remote Collection.
12.5.3 Hover over each button to learn more. When you are done, click the NEXT button to continue.
Button Interaction
Active Collection (Button)
Data readily available

Data typically collected and documented by the e-discovery team
Forensic Image Collection (Button)
Bit by bit copy (mirror image)

Active and inactive data (deleted data)
Typically requires an expert
Formal chain of custody documentation follows the collection
Self Collection (Button)
User provides requested data

Drag and drop
Courts and parties increasingly recognize the downfalls of allowing “self-collection” performed by lay, or non-IT
personnel, for the following reasons:
1. Stakeholder custodians may be unable to be objective in the process, particularly when they have an interest in the
outcome of the case
2. Persons not formally trained and experienced in collecting data likely will be unable to do it in a defensible manner or
in a manner that does not compromise the integrity of the metadata
3. Lay persons do not think about evidence the way legal professionals do. Documents that seem unrelated to a lay
person may be found relevant by legal professionals and they tend to collect too narrowly
Large companies often have on staff trained Information Governance and Information Technology personnel who can
competently and objectively collect ESI. Individual custodians who are parties to lawsuits, particularly those with no
background and experience in collecting ESI, should have their data collected by vendors or other trained professionals.
Remote Collection (Button)
Performed via a secure remote internet connection to the designated server. Like self-collections, a “kit”
containing an external drive to store data and acquisition software is required. To enable remote access, a remote
access application is needed, which is typically part of the software package that comes in the collection kit or
downloaded from a website.
Backup Tape Recovery (Button)
Backup tapes are still found in many corporate environments, and some courts have ruled that documents on
backup tapes are discoverable for litigation as long as the cost to recover is not prohibitively expensive.
SLIDE 6: E-MAIL SERVER TYPES
12.6.1 It is important to know the different types of email servers available. Preserving and Collecting data from the server can
provide a more complete and effective harvest of a custodian’s email account.
12.6.2 Some examples of email platforms are Exchange, IBM Notes, GroupWise and cloud based.
EXCHANGE (Button)
Client is called Outlook

Stores archived messages in container files like PST or OSTs on the client machine
LOTUS NOTES (Button)
Stores messages in NSF files
GROUPWISE (Button)
Messaging platform that supports e-mail, calendaring, instant messaging, etc.

Platform consists of client and server software, which is compatible with most operating systems
CLOUD BASED (Button)
Office 365- Outlook.com

Gmail
Yahoo Mail
SLIDE 7: UNDERSTANDING E-MAIL SERVERS AND CLIENTS
12.7.1 In the past, e-mail was somewhat straightforward to understand, with a client connecting directly to an e-mail server.
12.7.2 Recently, e-mail has matured and moved to many new places. A user’s e-mail generally still resides on a server. However,
exactly where that server is can often be difficult to determine.
12.7.3 With the explosion of cloud based and free e-mail providers (Yahoo, Gmail, Hotmail, etc.), getting a clear picture of where
the data resides requires careful review.
12.7.4 E-mail servers are responsible for storing, processing and delivering e-mail to the client or intended recipients. There are
many types of e-mail server platforms, each with a different method of storing the data.
12.7.5 A client connects to a server to retrieve and view data. A client also creates data and transmits that to the server, however,
it may not necessarily store that data on the client device.
12.7.6 E-mail clients have evolved from desktop application to web-based apps and can connect to a variety of mobile devices.
SLIDE 8: DATA IN THE CLOUD: HOW WEB-BASED STORAGE AND E-MAIL WORKS
12.8.1 Data stored in the cloud has quickly become the "new normal” in data storage. The cloud provides access to data from a
variety of end-points and users.
12.8.2 Data is either sent to the provider in bulk for loading or uploaded to the cloud via web applications or file transfer.
12.8.3 Cloud computing services vary greatly from provider to provider. There are also different types of clouds such as private,
public, free, and fee-based service models.
12.8.4 The exact location of where data is stored is sometimes very difficult to determine. Most cloud service providers replicate
copies of customer data to many hosting centers around the world.
12.8.5 Click each of the buttons to learn more about data storage in cloud models.
Button Interaction
Private Model (Button)

Enterprises are adopting private clouds in large numbers. A private cloud network is a virtual infrastructure located in
provider’s data centers operated solely for a single organization, and managed either internally or by a third-party IaaS,
PaaS and SaaS available under this model.
Public Model (Button)
Public cloud applications, storage services, and other products are available to the general public by service providers.
These services are free or offered on a pay-per-use model.
Fee-Based Or Subscription Model (Button)
Cloud hosted e-mail may be able to be accessed from a variety of methods for a fee. Web browser access, e-mail
applications, and smart phone apps may all be able to access the same data. This creates the possibility of multiple copies
of the data in different places.
SLIDE 9: PROCESSING IN-HOUSE
12.9.1 There are advantages and disadvantages to processing data sets internally. Some of the advantages are: Sending less data
to outside vendors should result in spending less on processing costs. Data is maintained within your firewall, increasing
security. First pass review can be performed in-house in a consistent manner.
12.9.2 There are certain disadvantages to processing data sets in-house. Those primary disadvantage is that additional staff may
be needed. Also, increasingly, data is evolving and it is challenging to train in-house staff in all the data techniques and tools
needed.
SLIDE 10: PROCESSING: OUTSOURCING
12.10.1 There are many advantages and disadvantages to outsourcing the processing of data sets.
12.10.2 Vendors may provide the best available technology, infrastructure and support. Vendors are increasingly offering fee
structures that are more cost-competitive and you can hire a vendor that has expertise in the areas needed for a given case.
12.10.3 There are disadvantages to outsourcing, though. If the relationship with a vendor sours, data that has already been
processed and reviewed may be in jeopardy. Know your vendor, understand your cost contract, and base hiring decisions
on sound guidance.
SLIDE 11: SHARED NETWORK RESOURCES
12.11.1 Document servers and shared network resources refer to allocated space on a shared electronic storage platform.
12.11.2 This storage is then made accessible to other networked users and the software “clients” installed on their machines.
12.11.3 The type of electronic data and the complexity of how that data is stored varies greatly depending on the applications used
to create, store and manage the data.
Button Interaction
Network Resource (Button)
A network resource could be any “resource” accessible on the network. This could be a network share, website, portal,
and many others applications. Each of these resources can store data in very different ways.
Server (Button)
A “document server” may be a simple shared folder on a server where users store all of their documents in an organized
fashion, or could be a part of a complex multi-server document management system. In the later example, one server may
have the actual document file and or content (and its system metadata), and another may hold all of the other metadata
about that document (i.e. author, client/matter, access and modification history, audit and tracking data, control number,
title).
Shared Folders (Button)
A shared folder on a network share or “mapped” drive allows users to collaborate, access, create, modify and delete
electronic data. This can be any type of data (documents, databases, pictures, etc.).
SLIDE 12: DOCUMENT RETENTION POLICIES
12.12.1 The volume of data that organizations maintain has been growing exponentially and is expected to continue to do so.
12.12.2 Without document retention policies organizations tend to unnecessarily stockpile data.
12.12.3 Many users do not delete documents for fear they may be needed in the future.
12.12.4 Records management is a discipline within many organizations, and has well defined best practices.
12.12.5 Document retention policies will vary greatly depending on the type of organization.
12.12.6 Many industries are heavily regulated, and must retain records by law.
12.12.7 Regulators can determine how long an organization must keep documents.
12.12.8 A good document retention policy can help an organization maintain a manageable volume of data over time.
SLIDE 13: UNDERSTANDING FLASH AND TEMPORARY DATA STORAGE
12.13.1 There are several different types of transient storage. They are: flash storage, temporary storage, and ephemeral storage.
Storage consists of drives -- hard, optical, USB, solid state -- vs. memory which consists of RAM chips that lose their content
when power is removed.
12.13.2 Flash storage interacts with applications and operating systems in the same way that traditional storage does but is more
portable.
12.13.3 Temporary storage is just that, temporary. Typically this type of storage is used by computer operating systems for system
files or other temporary storage operations.
12.13.4 Ephemeral storage is another term for temporary storage although the context is increasingly used to refer to disk storage
in a cloud environment.
Button Interaction
Flash (Button)
When flash storage interacts with an operating system, it leaves traces of its interaction. These traces may include device
type, manufacture, serial number and other identifiers of a particular device in the operating systems registry.
Ephemeral (Button)
Mobile devices (BlackBerries, iPhones, Tablets, etc.) operate much in the same way that Flash storage does when
connected. However, many of these devices also have applications that synchronize data (e-mail, documents, or pictures)
with storage on the connected computer.
Temporary (Button)
A great deal of information can be found in the temporary storage of a computer system, including a significant amount of
information of the user’s Internet activity.
SLIDE 14: DATA LOCATION AND DATA FORMS
12.14.1 It is very important to understand data storage to ensure proper preservation and collection of ESI.
12.14.2 Ask the following questions: Is the storage stand alone or part of a network? Is the storage part of a physical machine or a
virtual environment? Is there security or encryption software in effect that might interfere with collection? Is the system
legacy and difficult to examine? Are there information or system policies in place that pertain to the storage of the ESI at
issue?
SLIDE 15: UNDERSTANDING THE DIFFERENCE BETWEEN SYSTEM AND FILE METADATA
12.15.1 There are two different types of metadata. They are system metadata and file metadata.
12.15.2 System metadata are attributes recorded by the operating system of a file. These attributes may include timestamps (last
modified, last accessed or last written to), physical location, size, name of the computer and owner of the file.
12.15.3 File metadata are attributes about the file contained within the file itself. These attributes are generally applied to file by
the application used to create the file and may include additional timestamps, data about edits, revisions, authors, and
user-supplied information.
12.15.4 File and system metadata is fragile and can easily be altered - simply opening a file alters the metadata. It is very important
for the preservation of metadata to ensure that write-protecting hardware and software is used in the collection process.
SLIDE 16: UNDERSTANDING HOW A COMPUTER OVERWRITES DATA
12.16.1 Computers write data to hard drives to store data. How data is overwritten and deleted is a critical fact for you to consider.
Button Interaction
Deletion Process (Button)
When a file is “deleted” the operating system designates the space on the hard drive as over-writeable. Until the space
on the hard drive is actually overwritten, the previous data still exists on the storage device.
Macintosh and some third-party applications allow for the “secure” deletion of data. This is accomplished by
immediately overwriting the space that the original data resided with zeros.
Hard-Drive Design (Button)
Hard drives consist of tracts, clusters and sectors. A sector is the smallest unit of a hard drive that can actually store
data – for example, 512 bytes.
Unallocated space or free space on a hard drive is simply areas of the hard drive not occupied by active data. There
may be data in these sections of the hard drive which are parts of previously “deleted” files waiting to be overwritten.
More About Clusters (Button)
Clusters are made up of sectors. Eight sectors make up a cluster for a total of 4096 bytes or 4 kilobytes (4KB). This is
the smallest section of a hard drive that can actually hold a file.
If a file is smaller than the cluster the space between the end of the file and the end of the cluster is 'Slack Space.' Data
can be retrieved from this space.
SLIDE 17: MANAGING DISASTER RECOVERY MEDIA
12.17.1 Disaster recovery media comes in tape and other formats. Backing up to disk and cloud have become more common.
12.17.2 Consider encrypting backup media. Third-party providers may provide this service.
12.17.3 Create a plan for how third parties will access the data.
12.17.4 Specialized formatting of the disaster recovery media may dictate the use of specific hardware or software to access it.
SLIDE 18: SOCIAL NETWORKING WEBSITES
12.18.1 ESI from social networking sites may be relevant to a matter and subject to preservation, collection, review, and ultimately
production.
12.18.2 Traces of social media ESI may reside on the hard drive of the computer that accessed the site.
12.18.3 Some applications like ICQ or MSN Messenger leave complete logs of conservations on the hard drive of the computer.
12.18.4 Some organizations have technologies in place to filter, monitor or log users’ Internet usage.
12.18.5 Getting access to a custodian’s social network information without their consent may require a court order.
SLIDE 19: RISKS AND BENEFITS OF OFF-SITE DATA STORAGE ACCESS
12.19.1 Disaster recovery, virtual hosting, cloud services, and co-location are all variations of off-site data.
12.19.2 The one commonality of all off-site storage is that they require some type of network connection.
12.19.3 This could be a site-to-site connection, VPN, or web-browser based connection.
12.19.4 Often the data will leave traces in temporary files of either the specific application or operating system during transit.
12.19.5 Organizations often move data to off-site storage facilities -- like data centers or cloud providers for lower operating costs
and higher availability. However, organizations often fail to track or audit these storage methods as rigorously as on-site
storage solutions.
SLIDE 20: HOW HARDWARE AND SOFTWARE CHANGES IMPACT ESI
12.20.1 Click each of the buttons to learn more about how hardware and software changes can affect ESI.
Button Interaction
Impact Of Software Upgrades (Button)
Software upgrades to operating systems and applications occur frequently. Examples are anti-virus software, word
processing applications, Windows and Macintosh operating system updates.
System restore points are often created prior to an upgrade being performed. These system restore points are created
by the operating system automatically and are transparent to most users.
In most cases the individual data files created by the applications are not affected in any appreciable manner, however
newer versions may not recognize or be able to open older versions and vice versa.
Hardware Maintenance (Button)
Routine hardware maintenance performed correctly should not affect stored information.
File paths listed on link files, System Restore Points, and other metadata may be affected for newly installed hardware.
When systems are decommissioned or reallocated it is critical that the responsible party for the system to determine if
the data contained on it is subject to retention or litigation hold.
In the case of litigation hold, either the original undisturbed storage, a copy or a forensic image should be retained.
When hard drives are reallocated, data may still be located on the storage device and subject to a litigation hold.
Database Structure and Data (Button)
Databases are like many elaborate inter-related spreadsheets (“tables”). These table groupings contain data input from
connected to a specific application or function. Databases can be thought of as highly structured and organized
reservoirs of information sometimes at the service of another program
Databases consist of tables, fields and records. Records contain the substantive aspect of the database or other user
application but there is no static, reviewable “document” file.
Tables are a group of fields that typically pertain to the same general subject - For example, information about
employee location or customer payments.
Fields are single categories of information.
The output of databases is reports.
Reports are structured outputs based on the input fields from the user.
Databases contain log files that keep track of the input transactions in the database. These files are useful in
determining changes to the data in the database.
Forensic examiners should understand how data is stored in a database in order to present ESI for litigation in a way
that accurately reflects its purpose.
12.21.1 In this Module, you have learned that there are many places that ESI can be stored within an organization and technology
and tactics for preserving that data.
Data can be stored either on-premises, in a datacenter or cloud service.

There are five main methods for collecting data:
Active Collection
Forensic Collection
Self-Collection
Backup Tape Recovery
Remote Collection
Data stored in the cloud has quickly become the "new normal” in data storage.
There are several different types of transient storage. They are:
Flash storage
Temporary storage
Ephemeral storage
Storage consists of drives -- hard, optical, USB, or solid state or memory/RAM chips
It is vital to consider how data is overwritten and deleted.
Disaster recovery media comes in tape and other formats.
ESI from social networking sites may be relevant to a matter and subject to preservation, collection, review, and
ultimately production.
Disaster recovery, virtual hosting, cloud services, and co-location, are all variations of off-site data.
matter covered.
Module 13: Review Planning
13.1.1 Hi, it’s Amy. This is module 13 and it covers review planning.
13.2.1 In this Module, you will learn how to manage the most important steps in the document review process, including how to:
Develop a project plan and overall strategy

Decide on a review location
Select team members and training
Identify workflow requirements
Select a potential vendor-hosted review platform
Review for Privilege
Perform quality control and validation
Negotiate terms with opposing counsel under Federal Rules of Civil Procedure (FRCP) Rule 26(f)
Negotiate a Clawback agreement
13.3.2 A review refers to the evaluation of documents for relevance to a discovery request and to identify privileged information.
13.3.3 Coding refers to the process of reviewing documents and summarizing key elements in a structured format.
13.3.4 Quick peek refers to an initial production in which documents are made available to the opposing party before being
reviewed for privilege or other protections.
13.3.5 A Clawback is an agreement between parties that stipulates the retrieval or destruction of privileged documents that have
been inadvertently produced in discovery and that such inadvertent production will not consititute a waiver of privilege.
13.3.6 You should now understand: Review, Coding, Quick Peek and Clawback.
SLIDE 4: DOCUMENT REVIEW
13.4.1 Why do we do document review? According to Federal Rules of Civil Procedure, Rule 26, any parties may obtain discovery
regarding any non-privileged matter that is relevant to another party's claim or defense, subject to proportionality.
13.4.2 A document review is necessary because it not only distinguishes relevant data from irrelevant data, it also provides to the
trial team information and evidence about the facts and issues of the matter.
13.4.3 A successful document review should be guided by a set of documents that govern the execution and project management
of the review process. These documents are commonly referred to as the “review protocol” or “review procedure.”
13.4.4 Try to limit the scope of what needs to be reviewed where possible using targeted collection and filtering and culling
techniques prior to a manual review. Other advanced technologies can be used prior to or in combination with a human
review to reduce the amount number of documents the human reviewers must read.
13.4.5 Also determine if the discovery is all ESI or mixture of ESI and paper. Decide what you intend to do with the paper
component. Converting it to an electronic format to incorporate into the ESI data set is often the most sensible.
SLIDE 5: DOCUMENT REVIEW PROCESS STEPS
13.5.1 The document review process has several steps. They are to develop a Project Plan and Overall Strategy, decide on a
Review Location; Team Member Selection and Training; identify Workflow Requirements; select a Potential vendor Hosted
review platform; conduct the Review; review for Privilege; and to perform Quality Control and Validation for production.
SLIDE 6: PLAN AND STRATEGY
13.6.1 You should always have a document review strategy.
13.6.2 It should be formulated before the meet and confer meeting between opposing attorneys.
13.6.3 The meeting (which is a required meeting under Federal Rules of Civil Procedure (FRCP) Rule 26(f)) between attorneys
should accomplish the following:
13.6.4 Resolve preservation, production, and privilege questions, including- whenever possible- the creation of a clawback
provision
13.6.5 Make decisions with an eye toward costs and proportionality
13.6.6 Establish project deadlines, which include:
13.6.7 Collect and restoring data
13.6.8 Processing, searching, and hosting data
13.6.9 Review of the data (first and second pass, privilege reviews)
13.6.10 Determine the production format of the ESI
13.6.12 Discuss the use of technology to manage and assist with the review of large amounts of data
13.6.13 Discuss how each party plans to eliminate irrelevant data.
SLIDE 7: REVIEW LOCATION AND TEAM MEMBER SELECTION TRAINING
13.7.1 Remember, when planning for a review, your team and its training is important.
Button Interaction
Location Selection (Button)
The physical and or virtual location of your review should be secure

You should possess appropriate technology capabilities
Install and test hardware and software you will be using
The review platform provider should provide IT support during review
Team Member Selection (Button)
Select a lead attorney responsible for the review. He or she should be:
o Knowledgeable about the matter
o Experienced in review projects
o Familiar with the review application and IT in general
Team Selection
o Includes the project manager if not the lead attorney
o Depends on volume of data, timeline and budget
o Subject matter experts may be required
Training (Button)
Training on the matter

o Specifics of the document request
o Facts or issues at issue in the matter
o Examples of common codes being used
Subjective - issues for relevancy, protective order designation (POD) or facts
Privilege and Confidentiality
Key or hot documents
Objective
Documents used to be coded for dates, names, keywords. This is typically extracted and applied during
processing
Training on the Technology
o Searching
o Sampling
o Locating assigned document sets
o Coding/tagging pallet interface
o Elevating documents for further review
o Annotating documents to convey key information
o Redacting documents
o Expectations regarding review rates
Training and support
o Know if vendor provides training and at what charge
o Is training for new software releases provided?
Cost Considerations (Button)
Controlling Costs
o Work with e-discovery team to streamline workflow - methods, technologies like analytics.
o Select the application or software tool that meets the review needs; may not require all the bells and whistles
o Set realistic goals to ensure quality and to reduce need to re-review
o Notify appropriate parties about any unanticipated costs
o Use available reporting tools in the application to track progress
SLIDE 8: IDENTIFY REVIEW PLATFORM’S WORKFLOW REQUIREMENTS
13.8.1 The features and functions of the review application will influence the actual workflow.
13.8.2 For example, when tagging and coding documents, can you use bulk coding? Can emails be tagged separately from their
attachments? Can you control inconsistent coding? Can documents be easily redacted?
13.8.3 The search tools in the program should be able to search full text and metadata. It should be capable of using wild cards,
proximity searching, near-dupe detection and other standard and advanced search capabilities. It must also be able to sort
results by date, custodian or subject.
SLIDE 9: DOCUMENT REVIEW PROCESS
13.9.1 The review process is the most time consuming, error prone and costly part of e-discovery. Create a review guide to define
the process and help reviewers make informed decisions based on: specifics of the document request, facts or issues at
issue in the matter, and Codes being used, such as Privilege and Confidentiality. The guide should be clear, set realistic
goals for reviewers and help to enforce a consistent management structure to oversee the review. Use reporting tools in
the application to track the project and reviewers' progress.
13.9.2 Conducting the actual document review includes:
13.9.3 Suppressing or ignoring documents not relevant to the matter. Use automated methods of culling when available. Culling
can quickly identify and eliminate large collections of material that is not relevant, speeding up the review and avoiding
costs.
13.9.4 Identifying relevant documents to produce: Assign numbered document sets to reviewers. Review for relevance, privilege
and particular issues and tag accordingly. Review for confidentiality or privacy and redact as necessary.
13.9.5 Document Categorization: Review data can be automatically or manually sorted based on concepts and/or key players or
other distinctions inherent to the data. Make sure you know what data are not included in the searchable index so that
those files do not escape review, for example, sound files or PDFs without text.
13.9.6 Privilege Review: Ideally, the data would be searched and tagged for privileged names, email addresses, law firm domains
or legal terms before reviewers review those documents. Reviewers could then be “on notice” that a document is
potentially privileged, and review it to confirm that all the elements of a privileged communication or attorney work
product are present.
SLIDE 10: QUALITY CONTROL AND VALIDATION PROCESS
13.10.1 Quality control and due diligence should be performed at every stage of the review process to ensure consistent and
accurate document designation.
13.10.2 The review team should be able to tag documents for “further review” when unsure of coding.
13.10.3 The review platform should be able to apply quality control restrictions such as automatically tagging duplicate documents
and families of documents such as threaded emails and attachments.
13.10.4 Include a second level review of all documents to be produced or a sample of them by senior attorneys.
13.10.5 You should also assess random samples of the team’s coding to check for inconsistencies.
SLIDE 11: VENDOR AGREEMENTS
13.11.1 Vendor and counsel should be clear regarding the review software’s production capabilities and coding fields prior to
initiating the review.
Button Interaction
Privilege Log (Button)
Vendor and counsel should ensure a privilege log can be generated for documents coded as privileged.
Confidential Logs (Button)
Vendor and counsel should discuss other mechanisms (such as logs and automatic restrictions) that are available in the
review program to ensure confidential and redacted documents are specially recognized and properly handled.
SLIDE 12: PRODUCTION CONSIDERATIONS
13.12.1 Provide comprehensive production logs cross-referencing production ID numbers to document ID numbers.
Build in enough time for:
Converting to image format if requested.

Resolving inconsistent tagging of documents
The vendor to process ESI (if necessary)
Quality control checks
A sample production run - this should be performed to identify technical issues before the deadline
13.12.2 You should also assemble complete records of the discovery process including details of the collection, processing, review,
and production for future reference. The opposing party can seek discovery regarding these processes and workflows.
SLIDE 13: TIPS TO AVOID WAIVING PRIVILEGE
13.13.1 Negotiate a Clawback agreement during the meet and confer conference. This is designed to address the problem of
privilege waiver.
13.13.2 You can ask the judge incorporate your discovery agreement into an order. This will ensure the court can help enforce
clawback agreements. Also, you can extend this protection to third parties if the agreement is incorporated into a court
order.
13.13.2 As stated above, a “clawback agreement” is an agreement that protects against privilege waiver in the event that privileged
materials are produced inadvertently.
13.13.3 A quick peek agreement allow the opposing party to receive a production that has not been reviewed for privilege.
13.13.4 Federal Rule of Evidence Rule 502, enacted in 2008 was designed to eliminate confusion and conflicting rules about waiver
from inadvertent production.
13.13.5 Click the button to learn more about Rule 502.
Button Interaction
Rule 502 (Button)
Federal Rule of Evidence 502 protects against the inadvertent production of privileged documents in Federal court
cases
It generally establishes that accidental production of privileged content will not result in waiver
There is presumption against subject matter waiver
It encourages use of protective orders including ‘clawback’ agreements, which are agreements between the parties and
endorsed by the court
It can be enforced without a court order; however, to extend that protection to third parties there must be a court
order
It is always advisable to perform at least a minimal search for privileged material before production. While you can
“claw” a document back with a clawback agreement, you cannot make the document recipient “un-know” the
information that was in the document
502(d) orders can protect in other matters and other courts.
SLIDE 14: DOCUMENT REVIEW PROCESS KEY ITEMS
13.14.1 The document review process should address a few key items. They are:
Responsiveness determination--the factors which make a document responsive to a discovery request. Factors can
range from a single characteristic to numerous characteristics and based on numerous facts
Scope and complexity of the review - the more data and/or the more complex the responsiveness determination, the
more time, risk, and cost involved
A comprehensive review and project plan. Know what your review strategy is and obtain the most appropriate review
software, if possible, before initiating the review phase. Document your plan and negotiated agreements.
Technology Selection, including whether the review program is to be provided in-house or outsourced, and whether
the review database needs be shared with external parties
The Quality Control Plan should cover issues such as what tasks will be done to ensure the production is accurate, what
redactions were applied, and the correct document fields are produced in the load file.
Review Team - selection, training, expectations, and time allowed
13.15.1 The document review process has several important steps.
Developing a project plan and overall strategy

Deciding on a review location
Selecting team members and training
Identifying workflow requirements
Selecting a potential vendor-hosted review platform
Reviewing for relevance and Privilege
Performing quality control and validation
Negotiating terms with opposing counsel under Federal Rules of Civil Procedure (FRCP) Rule 26(f)
Negotiating a Clawback agreement
matter covered.
Module 14: Document Review
14.1.1 Hi, it’s Amy. This is Module 14 and it covers some fundamental elements of document review.
14.2.1 The document review process is a critical phase of an e-discovery project. You will learn:
How to document your search and review procedure, including:

The program used for review
How you allocated sets of data
Use of predictive coding or other TAR methods
How to build a privilege log
When to use a clawback provision
The art of verifying results to ensure quality control
Launching a review training
Communicating with partners and opponents
Engaging in Quality Control for a defensible review process
14.3.2 A document is a computer file that contains text, and possibly formatting instructions.
14.3.3 A privilege log is a document that describes documents or other items withheld from production in a civil lawsuit under
claims such as attorney-client privilege, work product doctrine, or trade secrets.
14.3.4 Search terms can be used to help create a relevant review set or find particular responsive files in the review set. They are
the basic subjective, matter-specific building blocks of a Boolean search or a weighted search.
14.3.5 File location refers to the original exact location on a computer system of a particular file when it was first collected from
the source.
14.3.6 You should now understand the following terms: Document, Privilege Log, Search Terms, and File location.
SLIDE 4: UNDERSTANDING THE DOCUMENT REVIEW PROCESS
14.4.1 The document review process is a critical phase of an e-discovery project.
14.4.2 In order to properly manage the document review process, there are several steps you should take. They are:
Check if any agreements have been reached between the parties.

Establish clear criteria and standardized processes
Understand how the information was collected by your client or vendor and from the responding party. How is it
organized?
Document your search and review procedure. Identify the program used to review, how you allocated sets of data, and
any use of predictive coding or other methods.
Verify your results to ensure quality control
SLIDE 5: THE CODING FRAME OR PALETTE
14.5.1 Developing a coding or tagging screen requires analysis of the issues in the case, as well as an evaluation of the search
capabilities of the review database.
14.5.2 Coding screens typically contain data fields for documents that are responsive or non-responsive, privileged, or confidential.
SLIDE 6: COMPLEXITY OF THE CASE AND REVIEW PROCESS
14.6.1 The complexity of the case will have a direct impact on the cost of e-discovery.
Button Interaction
Structuring The Review (Button)
Before costs can be estimated reliably, it is essential to design the structure of the review:
o Complexity of the coding schema (number of tags the reviewers will be applying)
o Sophistication of the privilege issues presented by the facts of the case
o Number of passes of review that are anticipated
Review Efficiently (Button)
The most efficient way to organize a review can be with numerous decisions during a single pass review rather than
through separate review phases of the same material.
Privilege Review (Button)
There are several types of privilege review you can do. They are:
WORK PRODUCT PRIVILEGE
o Work product protects something that is tangible, whereas attorney-client privilege may be communicated by
either a tangible (i.e., written) or intangible method (i.e., orally)
o Documents should have been prepared in anticipation of litigation or trial
o Documents were prepared by the client, the attorney, or an agent for either the client or the attorney at the
direction of the attorney
ATTORNEY-CLIENT PRIVILEGE
o Must be a communication, and
o By and between the attorney (or his/her agent) AND a client (or his/her agent), and
o Made for the purpose of giving or receiving legal advice, and
o Made with the expectation of confidentiality
Other Possible Privileges:
o Joint Defense/Common Interest
o Trade Secret
The attorneys should be involved throughout the process, not just at the end. Communication with the trial team must be
protected to retain the privilege.
Review Training (Button)
Training, Communication and Quality Control are essential to provide defensibility to the review process. Attorneys should
be involved throughout the process.
SLIDE 7: CREATING REVIEW SETS
14.7.1 Depending on the review platform in use, one of the very first steps in the document review process is creating review sets.
14.7.2 If organizing the review data into sets, it’s important to ask certain questions when creating them . These questions include:
Whose information is it?

What was the search criteria used to locate the information?
Do the documents appear to fit the criteria used?
How is the information organized?
What are the lawyers' priorities?
14.7.3 A methodology of moving from limited to expanded review sets is an efficient way to design the review sets, because each
set of materials will need to be reviewed only once.
14.7.4 It is critical to maintain a record or a copy of the material that was not captured initially for review, so that any additional
ESI to be reviewed can be taken exclusively from this subset of the entire data set.
SLIDE 8: WHOSE DATA IS IT?
14.8.1 Before you can review any documents, you must create data sets. The most common question at this phase in the process
is, who does the data belong to?
14.8.2 The data can belong to one particular custodian, multiple custodians, "orphaned" or unknown sources, or collaborative
sources like SharePoint.
SLIDE 9: REVIEWING THE DATA SET
14.9.1 As stated in your previous classes, reviewing the data set for inaccuracies is required.
14.9.2 Remember, everything should be accurate, repeatable, and defensible.
14.9.3 When you are reviewing the data sets you must make sure to analyze the efficiency and accuracy of search terms that
created the data sets.
14.9.4 Documents that “hit” on search terms must be reviewed. If too many irrelevant documents are being returned you are
experiencing “noise”, also commonly referred to as “false positive” search results.
14.9.5 In case of noise, search criteria must be refined, optimized and tweaked to get the desired results.
14.9.6 Results must be only the relevant information that needs to be reviewed.
SLIDE 10 CONSTANT REFINEMENT
14.10.1 Review techniques must be constantly refined.
14.10.2 Remember, time, money and perhaps even the case can be saved with an efficient and effective search.
14.10.3 Narrow the search if too many irrelevant documents are found, broaden the search if too few relevant documents are
found, add or remove search terms, and explore and use a variety of tools to locate responsive documents with minimal
false positive search results
SLIDE 11: HOW THE INFORMATION IS ORGANIZED

14.11.1 The information in a data set can be organized in many different ways. Some of them are: chronologically, by custodian, by
location, by documents containing certain search terms, alphabetically, by concept, or by e-mail chains, also commonly
referred to as conversation threads.
SLIDE 12: SEARCHES DEFINED
14.12.1 Searches utilize sophisticated algorithms. For example, Concept Searching typically uses linguistics.
14.12.2 Latent Semantic, Bayesian Technologies, and other search technologies might also be used. Discovery tools often utilize
several different methods.
14.12.3 Results obtained from one tool may not yield the same as the results from another.
14.12.4 Remember, courts may not accept the results of certain technologies. Gaining agreement with your opposing counsel on
newer methodologies can avoid later problems in court. It is wise to utilize the advice and support of a skilled project
manager with experience in the tools, processes and technologies to ensure repeatable, defensible results.
SLIDE 13: DATA CULLING REVISITED
14.13.1 You should remember that data culling involves: De-duplication, search terms, date filters, and de-NISTing
SLIDE 14: EFFECTIVE SEACRH TERMS
14.14.1 It is possible to reduce the data set even more.
14.14.2 Click on each of the data culling methods to learn more.
Button Interaction
Wild Cards (Button)
Symbols used to replace one or more characters (i.e., E-Disc*very)
Stemming (Button)
Reducing a word to its root form. For example, the words “walking,” “walks,” and “walker” would all have the root of
“walk.”
Boolean Logic (Button)
Logical strings using connectors such as: “AND”, “OR”, and “NOT".
Proximity Searching (Button)
Looks for two or more separately matching terms that occur within a specified distance (e.g., oak within 1 word of tree)
Concept Searching (Button)
Uses proprietary algorithms to find conceptually similar information, e.g., little, small, tiny, minimum, or the conceptual
difference between a baseball “diamond” and a “diamond” ring.
Stop Words (Button)
Common words that are pointless to search for and are excluded from searching and indexing (e.g., the, and, with)
SLIDE 15: DATA CULLING QUESTIONS

14.15.1 Remember, when you are preparing your data for review to ask these important questions: Did you run search terms across
all of the custodians/date ranges? Did you modify or omit any search terms?
14.15.2 Did you add custodians or search terms to the review? Did you expand or contract date restrictions? Were documents
added after the initial review?
SLIDE 16: DE-DUPLICATION REVISITED
14.16.1 De-duplication is the process in which identical copies of documents are removed or suppressed from the data set.
14.16.2 This is accomplished by creating and comparing hash values for each document; exact copies will have the same hash value.
Any modification, no matter how small, will cause the hash value to be different.
SLIDE 17: HASH TECHNIQUES
14.17.1 A hash function is any algorithm that reduces documents or any large collection of information to a single numeric value of
fixed length.
14.17.2 There are three major hash techniques used. They are MD5, SHA-1, and SHA-2.
Button Interaction
MD5 (Button)
Message-Digest Algorithm that produces a 128-bit (16-byte) hash value
SHA-1 (Button)
Secure Hash Algorithm that produces a 160-bit (20-byte) hash value
SHA-2 (Button)
Secure Hash Algorithm. SHA-2, includes four hash functions with 224, 256, 384, or 512 bits equivalent to 8, 32, 48 and 64
Bytes.
SLIDE 18: MORE ABOUT DE-DUPLICATION
14.18.1 De-duplication can occur across all data in a collection, by individual custodian, by file location, or by data source. If you de-
duplicate by individual custodian only, you will likely wind up with many duplicate files in your data collection. Only global
deduplication aims to eliminate all duplicates.
14.18.2 Some e-discovery software allows for “near” de-duplication, in which documents with some percentage of similarity can be
suppressed or removed from the collection.
14.18.3 This can provide some efficiency in reviewing drafts of the same documents where there are only small variations.
14.18.4 But be careful; little changes can make or break a case, and in some cases may cause confusion and allegations of
withholding documents, which may result in sanctions.
SLIDE 19: PRIVILEGE LOGS
14.19.1 A privilege log identifies what documents are being withheld from the discovery production.
14.19.2 The log will contain sufficient information to describe the document including author, date, type of document, distribution
list, high level description of subject matter of the document, and type of privilege asserted.
14.19.3 The log will be produced so that the opposition may challenge the assertion of privilege, in the hopes of having the
document produced.
SLIDE 20: BUILDING THE PRIVILEGE LOG
14.20.1 In order to build an effective privilege log, there are a few steps you should follow.
Button Interaction
Counsel (Button)
Counsel should review the court’s requirements for a privilege log (e.g., level of detail needed, specific information).
Review Team (Button)
Since the review team understands the facts and documents they should be involved with the privilege log’s creation.
E-Discovery Tools (Button)
With proper planning, the e-discovery tool utilized should be able to assist in the production of the privilege log through the
use of its tagging or checking feature. Then counsel can simply fine-tune the privilege log.
Quality Control (Button)
Quality Control and transparency (i.e., workflow, how the documents were identified, and collection methods), is essential
to provide the needed level of defensibility to the privilege log.
SLIDE 21: PRIVILEGE REVIEW BEST PRACTICE
14.21.1 The best practice for privilege review is to search the review data set using a list of search terms that will likely help identify
privileged documents.
14.21.2 Some potential search terms for privileged documents include the names and internet domains of in-house and outside
counsel, paralegals, and other legal staff. They may also include legal words such as deposition, subpoena, interrogatory,
privileged language (i.e., "produced for settlement discussion purposes only")
14.21.3 Be sure to provide all reviewers with a list of people and topics that may involve privilege
14.21.4 Quality control is crucial in privilege review.
14.21.5 The potential for producing privileged material may be mitigated depending on when errors are identified during review.
14.21.7 The parties should have a discovery agreement in place that includes a “clawback” provision, meaning inadvertently
produced privileged documents can be “clawed back.” Otherwise, the court may deem the privilege to be waived, or it may
require the receiving party to return or destroy the privileged information.
SLIDE 22: ONGOING PRIVILEGE REVIEW
14.22.1 Privilege review is an ongoing process during review.
14.22.2 The e-discovery tool selected for review can help by continuing to highlight privileged search terms and provide checkboxes
or tagging features to identify the type of privilege.
14.22.3 Counsel should have regular meetings and training sessions to review the definition of privilege and how it might pertain to
the information being reviewed.
SLIDE 23: PROTECTING PRIVILEGE
14.23.1 Privilege logs are often the subject of attack. Having too many or too few documents can cause problems with maintaining
the privilege.
14.23.2 After the first level review is conducted, privileged documents are marked. These documents should be re-checked with a
critical eye so that documents that are not truly privileged and are responsive to the discovery request are removed from
the privilege log and appropriately designated for production.
14.23.3 Any privileged documents that are not marked, but should be, should also be identified as privileged and included in the
privilege log.
14.24.1 The document review process is a critical phase of an e-discovery project. In order to properly manage the document
review process, these are the important criteria:
Understand how the information was collected

Document your search and review procedure, including:
The program used to review
How you allocated sets of data
Use of predictive coding or other methods
Verify your results to ensure quality control
Control Attorney-client privilege.
Privileged communication is a communication between the attorney and a client for the purpose of giving or
receiving legal advice.
Engage in review training, communication and Quality Control for a defensible review process
The parties should have a discovery agreement in place that has a “clawback” provision
matter covered.
ACEDS Online E-Discovery Training Script
Module 15: Data Production
15.1.1 Hi, it’s Amy. This is Module 15 and it covers data production.
15.2.1 In this Module you will learn about the role of metadata, Quality Control, and tracking data productions. You will also learn
about:
Data Production Formats including native and imaged formats.

How to deliver data to third parties or opposing counsel.
How metadata fields help populate your production database.
The ways production mistakes can destroy your case.
Techniques for validating the integrity of your production.
15.3.2 Data Production refers to the process by which documents and ESI are turned over to a legal adversary.
15.3.3 Native Format refers to the format created by the authoring application, like .docx or .xlsx. Metadata should be intact and
travel with the file, if preserved properly. This is what most parties have in mind when asking for native production. An
alternative is to provide the native files, whose system level metadata might have changed during production (dates, paths)
with a load file containing the original metadata and path information that existed at time of collection and a link to the file
itself.
15.3.4 Image Format refers to scanning, copying or digitizing materials. Stated another way, an image is created from a native
document and represents how the page would look if the document were printed to paper. In order to be “reasonably
useable” as the rules require, an image generally must be produced with extracted metadata and a load file.
15.3.5 You should now understand the following terms: Data production, Native Format, and Image Format.
SLIDE 4: DATA PRODUCTION
15.4.1 After potentially relevant information has been reviewed, the responsive, non-privileged information must be produced to
the requesting party.
15.4.2 The produced data must be maintained by the producing party as a record of the production. Generally, this data is held in
a database that allows the responding party to work with the documents as the case proceeds.
15.4.3 Oftentimes, a party will use the same repository to store both its produced and received documents.
15.4.4 Parties should agree on a form of production at the outset of discovery, ideally at the earliest stage of discovery.
15.4.5 Under FRCP Rule 34, the requesting party may specify a format to which the producing party may object and offer an
alternative format.
15.4.6 If the form of production is not specified by party agreement or court order, the responding party must produce
electronically stored information either in a form or forms in which it is ordinarily maintained or in a form or forms that are
reasonably usable.
SLIDE 5: DATA PRODUCTION FORMATS
15.5.1 ESI can be produced in a number of different formats.
15.5.2 The parties must understand the differences between the various forms of production in order to determine which would
be most useful and expedient for the case.
15.5.3 Frequently, parties agree to use more than one method of producing data.
15.5.4 There are two general methods, they are:
Native Format: Producing ESI and corresponding metadata in the format in which it was created.
Image Format: Working with a vendor or internal software to digitize or copy data and create load files that include
metadata to be used by a data production tool.
15.5.5 There are three agreements you can come to on data formats. On the next few slides we will take a closer look at each
type.
SLIDE 6: DATA PRODUCTION: NATIVE FORMAT
Button Interaction
Characteristics And Functions (Button)
A document is said to be in its native format if it has not been converted in any way from its original form.
Within its native application, a native document will open and behave exactly as it did at the point of its creation.
For example, a Word document produced in native form will be a .doc or .docx file that will open in Microsoft Word
software hosted by the receiving party. It will have all the information and functionality it had when it was copied by
the producing party.
Advantages (Button)
There is no cost to convert the documents.

Natively produced documents present exactly the same information, in the same way, as they did when they were
created.
Disadvantages (Button)
Native documents can easily be altered, leading to concerns with document integrity.
While uncertainty about this integrity can be resolved with investigation, it is a time-consuming process with the
potential to create unnecessary tension between the parties.
In a contentious litigation, the parties may expend excessive effort and time to assure that a document used at
deposition, trial, and hearings has not be altered.
Native documents do not have pagination in any traditional sense, and therefore cannot be labeled, as production
documents traditionally are, with a unique number on each page and a page-level legend indicating the
confidentiality designation of the document. This leads to complexity for court reporters and attorneys tracking
documents presented at depositions and trials, which slows proceedings down. Anything that slows a proceeding
increases legal costs, and lawyers and court reporters still generally prefer to include an image of exhibits with
transcripts.
Unique identifiers can be created and maintained for native documents, but only at the file level, making it difficult
to use them as exhibits since it can be problematic to create a clear record as to what a witness is seeing on the
page.
Metadata (Button)
Native documents can contain the full set of metadata that exists with every form of ESI.
Metadata can be quite useful to the requesting party; for example, it can be used to automatically populate a variety of
objective fields in the document repository database (subject, author, date, etc.). It may also be problematic for the
producing party if it contains information to which the requesting party is not entitled.
Hash Value (Button)
A hash value (or hash) is a result of a calculation (hash algorithm) that can be performed on a string of text, electronic
file, set of files, or a complete hard drive. The hash value itself is represented as a long string of alphanumeric
characters. For example, an MD5 hash value uses 32 characters to represent the data set used for the calculation.
It is statistically unlikely that non-identical files or set of files will have the same hash value when computed using
either the MD5 or SHA1 algorithms. (SHA1 and MD5 are the most commonly known hash algorithms. SHA1 was
designed by the United States National Security Agency and is a US Federal Information Processing Standard published
by the US National Institute of Standards and Technology (NIST)).
Sometimes the hash value is referred to as the document’s electronic fingerprint.
Hashing is used to identify duplicates and remove them when practical. Duplicate documents unnecessarily increase
the costs of discovery.
If an electronic file is changed in any manner (even just deleting one period), the standardized hashing software will
produce a completely different hash value.
Producing parties may “hash” the original native production to have the ability demonstrate that file content has or
has not changed since it was produced. This is to avoid producing files that the opposition changes intentionally or
unintentionally before entering them into evidence.
SLIDE 7: DATA PRODUCTION: IMAGE FORMAT
Button Interaction
Characteristics (Button)
This electronic equivalent of printing creates a static image with distinct pagination, and labeled with a BATES number,
a unique number for each page tied to the particular production, custodian and/or litigation.
Advantages (Button)
This output can be labeled with numbering and protective order designation.
This format is difficult to alter and is also amenable to use as an exhibit for deposition or trial.
It can be printed and used in paper format with ease.
Disadvantages (Button)
There are three main drawbacks to producing in an imaged format: expense, time, and loss of useful information to
which the requesting party may be entitled.
There is a cost associated with converting documents from their native format to an imaged format. Depending on the
size of the production, this cost can be high.
It can also be a fairly time-consuming process, requiring the production schedule to include extra days devoted solely
to this task before the documents can be produced, depending on the size of the data.
In most cases the timing can be accommodated, but there may be some circumstances in which there is not enough
time to perform this conversion process.
Possible loss of useful information (like metadata) is the main reason that the requesting party may balk at an offer to
produce in an imaged format. As noted previously, the metadata of a native document can be used to automatically
code a wealth of information about the documents into the review platform.
In addition, there are particular document types (notably spreadsheets) where the image is not capable of presenting
the depth of information in the document.
In most instances, the requesting party has a convincing argument that an imaged pages, standing alone without
accompanying metadata or ordering information like page numbers, is not “reasonably usable” or how a native
document is maintained in the ordinary course of business as required by FRCP Rule 34.
SLIDE 8: DATA FORMAT COMPROMISE
15.8.1 The choices in which to format data are not limited to native and image formats.
15.8.2 In fact, it is relatively simple to produce images along with extracted text and metadata fields contained with a load file. The
load file is simply a tool to keep extracted data and an image file matched together.
15.8.3 This approach will require agreement between parties as to which load file will be required and the specific metadata fields
will be included.
15.8.4 This permits the producing and receiving parties to search the extracted text and metadata just as the original native file
may be searched for keywords and other information.
15.8.5 Any competent vendor can provide a wide variety of load files and can customize the metadata extraction to fit the
specifications of the requesting party.
15.8.6 However, it is a standard practice, particularly for government productions, that certain files must be produced natively,
even when the majority of the production is images and load files.
15.8.7 Files that are typically produced natively are files that cannot be imaged, such as video and audio files. Sometimes,
spreadsheets are typically produced natively, as these documents do not image well and lose critical cell formulas and
usability. Powerpoint (.ppt or .pptx) files often contain elements that are hidden, like speaker notes and depending on the
case, produced natively. While Word documents (.doc or .docx) can contain information in “track changes,” most
processing software today can display the “track changes” information. The parties should discuss the production of specific
native file types and expectations to avoid costly “rework” of production sets.
SLIDE 9: PRODUCTION OPTIONS
15.9.1 Production may also be made online by sharing access to the ESI in a hosted environment.
15.9.2 This is generally done with the assistance of a hosting vendor and can be particularly effective in cases with a large number
of geographically diverse parties, all of which need access to the same documents and who can share in the costs of hosting
a large document collection.
15.9.3 With an online host the documents may be presented in their native format, as images, or in some combination, and the
same analysis will apply.
15.9.4 For instance, e-mail might all be produced in an imaged format with extracted text, and metadata load files, while
spreadsheets are produced in native format with file level identifiers.
15.9.5 Because there is usually a wide variety of document types in any collection of ESI, it is not uncommon for parties to agree
on more than one format for production.
15.9.6 The key is to understand the pros and cons of each format and to assess the entire collection of ESI types in the production
to determine the approach that is most cost-effective and functional for the circumstances.
SLIDE 10: THE IMPORTANCE OF METADATA FIELDS IN E-DISCOVERY
15.10.1 As discussed, ESI with metadata can be much more useful than traditional paper documents.
15.10.2 For example, metadata includes: names (such as author, sender, recipients, and blind recipients), dates (such as when a
document was created, sent, received, or modified), subject (which is primarily for email), and document type.
15.10.3 All metadata fields can be used by a load file to automatically populate coded fields in the review databases, saving many
hours of work and resources that would otherwise be required for manual coding.
15.10.4 If metadata is provided it will allow the recipient to run date searches of the documents, even if they are being produced in
image format, without having to create an optical character recognition (OCR) file for each document.
15.10.5 In addition, most email and many other document types include a metadata field called “text” which contains a computer-
readable copy of the body of the document itself.
15.10.6 The “text” field is helpful to the producing party for early case assessment and data reduction and creates a higher fidelity
index for the receiving party than OCR’d text.
SLIDE 11: APPLYING QUALITY CONTROLS TO DATA PRODUCTION
15.11.1 While it is tempting to think of the production process as a simple matter of copying data, the actual process can have
multiple steps which may require several different people to accomplish.
15.11.2 As with the other stages of the discovery process, the preparation of ESI for production, and the production itself, may be
ripe for computer or human error.
15.11.3 This may impair the accuracy or completeness of the production. It is therefore necessary to have quality control (QC)
measures in place.
15.11.4 You must validate that each QC process has been executed completely and correctly.
15.11.5 Images converted from native documents need to be opened and examined to ensure that the conversion was performed
correctly and rendered a clear image.
15.11.6 If examining of every document is not feasible due to cost or timing, then a statistically significant sample should be taken
that pays close attention to document types prone to conversion error.
15.11.7 Load files should be tested to ensure they meet requested specifications and operate correctly.
15.11.8 Finally, copying of data from source to production media is a process that can frequently fail, so the integrity of the copy
should be checked before it is provided to the requesting party.
Click here to learn more about the quality control process.
Static Slide
The actual QC process can have multiple steps and may require several different people to accomplish.
It is necessary to have QC measures in place to ensure the accuracy and quality of the production, before it is provided to
the requesting party.
The QC process must involve validation that each process has been done completely and correctly.
Images converted from native documents need to be opened and examined to ensure that the operation was performed
correctly and rendered a clear image.
If you can't examine every document because of cost or timing, then take a reasonable statistically significant sample.
Generated load files should be tested.
The copy should be checked before it is provided to the requesting party.
SLIDE 12: TRACKING THE NATIVE PRODUCTION OF ESI
15.12.1 As discussed, the production of ESI in native format presents unique hurdles for the producing party.
15.12.2 Most significantly, the easy alterability of native documents makes it necessary for the parties to be able to validate the
integrity of any given document.
15.12.3 For the producing party, this generally requires that a pristine copy of the production be maintained and not accessed
unless a question arises about the contents of a specific document.
15.12.4 A comparison can then be made between the questioned document and the original production copy of the same
document.
15.12.5 To facilitate the validation process, and to make the native documents useful as exhibits at both deposition and trial, each
document must have some kind of unique identifier.
Click here to learn more about the quality control process.
Static Slide
Identifiers
Each native document has an MD5 hash value associated with it from the point of its creation, which is unique and can be
captured by tools used to process and produce native files.
This value can also be extracted and used as a file-level identifier by, for example, creating a file name which can include a
subset of the hash value, as the hash value is a long string of random characters.
Particular types of documents can be copy-protected in some ways and, when possible, this should be done before
production.
Although it is usually a simple matter to remove such protections (and therefore it will not stop intentional changes), they
will generally help in preventing accidental alteration of the documents.
SLIDE 13: MODULE 15 COMPLETE
15.13.1 In Module 15 you should have learned about data production. After potentially relevant information has been reviewed,
the responsive information must be produced to the requesting party.
Data Production Formats include native and imaged formats.

Native Format: Producing ESI with metadata intact or the corresponding metadata a load file.
Image Format: Working with a vendor or internal software to digitize or copy data and create load files that
include agreed upon metadata to be used by a data production tool.
Production may also be made online by sharing access to the ESI in a hosted environment.
Metadata fields can be used via a load file to automatically populate coded fields in the review databases.
If not properly managed, production mistakes can destroy your case.
Most significantly, native documents can be altered
Parties must use Quality Control techniques to validate the integrity produced ESI.
matter covered.
Module 16: International Discovery
16.1.1 Hi, my name is Amy. This is Module 16 and it covers international discovery.
16.2.1 The globalization of business is a challenge in almost all current e-discovery cases. To meet this challenge you will need to
learn:
How the United States’ tradition of broad and liberal discovery differs from international standards
Which international treaties and conventions affect cross-border litigation
The meaning of American Bar Association Resolution 103
The Rules and treaties that you may need to consider in pursuing discovery in international jurisdictions
The Hague Convention that governs cross-border requests in many contexts
16.3.2 Globalization is the worldwide movement toward economic, financial, trade, and communications integration.
16.3.3 Cross Border Discovery is discovery in a U.S. proceeding of information located in non-U.S. jurisdictions.
16.3.4 The Convention on the Service Abroad of Judicial and Extrajudicial Documents in Civil or Commercial Matters is commonly
referred to as The Hague Convention. This multilateral treaty was signed on November 15, 1965 by members of the Hague
Conference on Private International Law. The treaty allows service of process of judicial documents from one signatory
state to another without use of consular and diplomatic channels.
16.3.5 A statute is a formal written enactment of a legislative authority that governs a state, city, or county.
16.3.6 The Data Privacy Directive is a European Union directive which regulates the processing of personal data within the
European Union.
16.3.7 You should now understand the following terms: Globalization, Cross-Border Discovery, Hague Convention, Statute and
Data Privacy Directive.
SLIDE 4: GLOBALIZATION OF BUSINESS
16.4.1 The globalization of business is a challenge in many current e-discovery cases.
16.4.2 Modern corporations may maintain a range of operations in more than one country.
16.4.3 For example, call center customer service is often outsourced to international locations.
16.4.4 In addition, the rise of cloud computing may mean an organization’s ESI is stored in unspecified, remote locations in other
countries, and therefore may be subject to the laws of that country.
16.4.5 Since companies may have offices or subsidiaries in a foreign country, it is possible that a dispute between two US litigants
could end up raising international e-discovery issues.
16.4.6 International e-discovery may also arise in internal corporate investigations involving foreign entities and when responding
to subpoenas involving international entities.
SLIDE 5: US. AND EUROPEAN STANDARDS
16.5.1 The US tradition of "broad and liberal discovery" is unique among major industrialized nations.
16.5.2 In European and other countries, including Canada, laws protecting personal privacy typically cover documents and
information which would be readily discoverable in the US.
SLIDE 6: NAVIGATING CROSS-BORDER DATA REQUESTS
16.6.1 Attorneys making cross-border ESI requests must be knowledgeable about the rules and procedures concerning
information requests in the jurisdiction where the data is located. Engagement of local counsel to help navigate the laws of
the foreign jurisdiction is considered a best practice.
16.6.2 Attorneys risk unintentional criminal conduct if they violate the rules governing information requests in cross-border
jurisdictions.
16.6.3 The American Bar Association ABA Resolution 103, adopted in 2012 calls for US courts to ‘...consider and respect the non-
US data protection and privacy laws of any foreign sovereign, and the interests of any person who is subject to or benefits
from such laws, with regard to data that is subject to preservation, disclosure, or discovery.’
16.6.4 The principal procedural objection to the US style of eDiscovery in approximately 76 countries that have signed the Hague
Convention is that all cross-border requests should utilize procedures specified by the convention.
16.6.5 The non - US party may also object to an ESI request on the grounds that such production would violate the law of the
country where the information is stored.
SLIDE 7: CROSS-BORDER E-DISCOVERY CHALLENGES
16.7.1 Businesses are expanding their infrastructure and electronic communication channels beyond US borders.
16.7.2 Data has become transnational and frequently has no single physical location.
16.7.3 For example, a single email can be sent simultaneously to millions of people around the world, passing through thousands
of Internet routers, and stored on an untold number of email servers and clients.
16.7.4 Because of this, the precise location of all copies of any given e-mail is often difficult to determine.
16.7.5 The transitory nature of ESI often clashes with the practices and procedures of national civil and criminal justice systems in
other countries.
SLIDE 8: CROSS-BORDER E-DISCOVERY GUIDELINES
16.8.1 There are some general cross-border e-discovery guidelines which should be followed to streamline international discovery
requests.
16.8.2 Counsel who requests, or are responding to a request for documents to be produced from abroad must be knowledgeable
of the rules and procedures related to information requests in the jurisdiction where the data is located.
16.8.3 Discovery practices which are mandated in the US may amount to criminal intrusions into individuals' privacy if conducted
abroad. These privacy considerations extend beyond the European Union (E.U.) Many South American countries, for
example, have adopted data privacy laws similar to the E.U.
16.8.4 In addition, US discovery practices may also violate other laws of a foreign jurisdiction - not just data privacy laws. For
example, in Switzerland, banking secrecy laws apply. In China, state secret laws must be considered. And in South Africa,
the law requires consideration of the Protection of Businesses Act.
16.8.5 Counsel should consult knowledgeable local authorities before engaging in any international e-discovery related activities.
SLIDE 9: CROSS-BORDER CULTURAL DIFFERENCES
16.9.1 As mentioned earlier, the U.S. allows for broad discovery. See specifically the FRCP 26 (a)(1)(A)(ii) that states “that the
disclosing party may use discovery to support its claims or defenses, unless the use would be solely for impeachment.”
Discovery is conducted by the parties and, absent cost-shifting, the producing party bears the cost.
16.9.2 In contrast, other countries may limit disclosure to evidence needed for trial. It is not unusual for another country to have
the judicial officers to conduct discovery or for there to be no discovery at all. It is also not unusual for other countries to
shift the cost of discovery to the requesting party.
16.9.3 Requests from a US court for production of ESI from local citizens and companies are viewed cautiously, and can be
considered to be a violation of local norms and practices.
16.9.4 Because of these differences in discovery practices, obtaining ESI held outside the US can be challenging. The time and
expense to conduct foreign discovery must be carefully considered.
SLIDE 10: CHALLENGES TO CROSS-BORDER E-DISCOVERY
16.10.1 There are several challenges to cross-border e-discovery.
16.10.2 We are going to focus on two major challenges here.
Button Interaction
CONTROL CHALLENGES (Button)
Where a party to a litigation has international affiliates, a threshold question will be whether those affiliates will be
deemed by the court to be within the litigant's control.
If not, a request for these documents made to the litigant will not be effective.
If the requested ESI is under the control of the parent company, the question then turns to whether the litigant and/or
its affiliate is subject to restrictions in the host country that preclude it from producing the requested information, and
then to whether the US court will honor those host country restrictions or order production.
Courts may also look to whether the ESI can be obtained from other, more accessible, locations, such as within the US
CULTURAL CHALLENGES (Button)
One source of friction in seeking discovery from foreign jurisdictions is cultural.

US-style pre-trial discovery of all relevant information (with "relevancy" construed as broadly as possible) is an alien
practice elsewhere.
Most countries do not provide for US-style, party-controlled, pretrial discovery of relevant information.
The concept of a litigation hold is not necessarily understood by citizens of other countries where US-style Discovery is
not the norm. This can cause challenges when applying US discovery expectations (written legal holds, for example) in
foreign jurisdictions.
Language differences can also present challenges in international discovery.
SLIDE 11: US CONTROL OF FOREIGN ESI

16.11.1 If the US court presiding over a matter has jurisdiction over a non-US litigant, or deems itself to have jurisdiction over the
foreign affiliate of a US litigant, the FRCP will apply to requests for production of ESI from outside the US, just as they do to
requests for the production of data located in the US.
16.11.2 If the parent organization can be shown to have exercised sufficient control and dominion over the operations of the US-
based subsidiary, then production of ESI from the foreign parent may be required under the FRCP.
16.11.3 While custody and control are measures that courts use in determining whether production is required, they must also
consider other factors. For example, an order that a parent German corporation was to produce data in the US was
reversed because the court did not consider: (1) the competing national interests; (2) the hardship of compliance, and (3)
whether the importance of the documents to the litigation is sufficient to warrant the discovery request.
16.11.4 It is important to remember that non-US parties may raise a number of procedural or substantive defenses to production
which are unavailable to US-based parties.
SLIDE 12: THE HAGUE CONVENTION
16.12.1 The Hague Convention is legislation on the Service Abroad of Judicial and Extrajudicial Documents, in Civil or Commercial
Matters.
16.12.2 Not all western countries, and not even all European Union member countries are parties to the Hague Convention.
16.12.3 Each contracting state is required to designate a "Central Authority" to accept incoming requests for service.
Button Interaction
History (Button)
The Hague Convention is a multilateral treaty drafted under the auspices of the Hague Conference on Private
International Law.
It allows for the transmissions of letters of request for documents from one signatory state to another signatory state
without recourse to consular and diplomatic channels.
The European Union has now supplanted the Hague Convention with Council Regulation (EC) Number 1206/2001
No. 1206 allows for direct contact between the courts of the member states.
Membership (Button)
As of 2014 there are seventy-eight member nations in the Hague Convention.

Check the Hague Conventions' website (www.hcch.net) for a full list of member nations.
Compliance (Button)
Judicial officers in foreign jurisdictions in receipt of Hague Convention requests may or may not fully comply with them.
Officials will exercise local judgment as to whether, and to what degree, a request should be honored.
Requests may be refused or interpreted narrowly.
Interpretation (Button)
The judicial request will be interpreted by the receiving judicial official, and responded to within the constraints of the
laws of the receiving jurisdictions.
Some nations have signed the convention with caveats limiting the information they will supply.
Some country limitations are so extreme as to render the convention of extremely limited value.
As a result, US courts have generally rejected the Hague Convention as the exclusive vehicle for obtaining cross-border
discovery, although some court rulings require an initial application through the convention.
SLIDE 13: PRIVACY PROTECTION LAWS
16.13.1 A clash of cultures between US-style litigation and discovery recipients abroad can be seen when requesting parties seek ESI
which is located within, or contains information about, the residents of European Union member countries or countries
with similar data privacy laws such as certain South American countries.
16.13.2 In Europe and elsewhere, personal information can include the name of an individual, their physical and e-mail address, job
title, telephone number, family members, and similar facts which can be used to identify someone. Even if the information
is created and maintained in a business environment it is still considered personal information.
16.13.3 Click on each icon to learn more about privacy protection laws.
Button Interaction
The EU has a wide-ranging data privacy law which has been interpreted with varying but often onerous rigor by
individual countries.
The EU data privacy law extends to any document containing information about an EU citizen, and it governs not just
the production of this information, but also how, where and under what circumstances the information can be
"processed" and stored.
A work report containing the name of a person may be considered "personal information."
The Data Protection Directive does not prohibit processing and transferring of ESI for litigation purposes. The Directive
has, however, been interpreted to seek compliance with certain data protection requirements.
US organizations can apply for safe harbor status, indicating compliance with the EU Data Privacy Directive and
allowing for transfer of the ESI to the US
SLIDE 14: THE DATA PROTECTION WORKING GROUP
16.14.1 In February 2009, the Data Protection Working Group published "Working Document 1/2009 on Pre-Trial Discovery for
Cross-Border Civil Litigation," which provides guidance in managing the tension between US discovery obligations and the
EU's data protection requirements.
16.14.2 The group also made recommendations on pre-trial cross-border discovery, offering various considerations for protecting
personal information, including recommendations on retention, preservation, and archiving, as well as, policies on
transferring ESI which is deemed to contain personal information.
16.14.3 The Safe Harbor program, administered by the US Department of Commerce, is a self-attesting designation designed to
mitigate European concerns about private data. The Safe Harbor is under intense scrutiny and revisions, and may not be
relied upon as it has in the past for easier cross border data transfer. It is likely this area of e-discovery will change in the
near term.
SLIDE 15: THE DATA PROTECTION WORKING GROUP RECOMMENDATIONS
16.15.1 The Data Protection Working Group is also responsible for making other recommendations regarding consent, compliance,
legitimate interest, personal data, and sensitive information.
Button Interaction
Consent (Button)
Individuals may consent to the processing of their personal information.

Consent must be given freely voluntarily, and knowingly; it cannot be coerced, even mildly, by an employer.
Evidence of consent must be clear, and consent, once given, may be revoked.
Consent must be provided affirmatively, in writing, and with reference to the specific documents the production of
which has been requested.
Compliance (Button)
The personal information must be necessary for compliance with a legal obligation.
Processing is permitted only when a member state has authorized it for the purposes of meeting a legal obligation to
comply with a court order of another jurisdiction regarding pre-trial discovery.
Legitimate Interest (Button)
The information must be necessary for meeting a legitimate interest.

Processing and transferring personal information data may be authorized to meet the demands of litigation if
accomplished in a measured, proportionate, and secure manner.
Processing for litigation requires balancing the rights of the individuals whose personal data is processed against the
rights and interests of litigating parties.
Personal Data (Button)
A party seeking to process personal data for litigation must take numerous steps to protect personal information.
o As much processing as possible should be accomplished within the European Economic Area.
o The ESI may be anonymized or at least pseudonymized, and data sets must be culled of irrelevant personal
information.
Sensitive Information (Button)
Truly sensitive information, such as official ID numbers, health, and tax information can be redacted from the
documents prior to transfer. Some processing tools may be able to help identify certain such information.
If ESI to be transferred contains personal information, the request to transfer it must be proportionate to the
legitimate needs of the litigation.
Reasonable provisions should be made to secure the processed data and to prevent its use and transfer beyond the
litigation.
SLIDE 16: BLOCKING STATUTES
16.16.1 Blocking statutes, which have been enacted by many nations, typically prohibit the cross-border transfer of information the
host country deems commercially valuable.
16.16.2 Blocking statutes are ostensibly designed to prevent valuable assets and information from leaving the country if disclosure
would place its industry and commerce at a competitive disadvantage.
16.16.3 For example, a blocking statute may prohibit the inspection and copying of certain categories of documents or transmission
of ESI related to the industrial processes which a country considers either secret or of national importance.
16.16.4 Some nations have enacted forms of blocking statute related to a particular industry or type of data.
16.16.5 For example, in Switzerland, they have enacted laws relating to the disclosure and transmission of bank account
information. Such blocking statutes are sometimes referred to as secrecy laws.
Button Interaction
Us Court Application (Button)
Parties subject to the jurisdiction of countries with blocking statutes argue that the demand for production by a US
court places them in an untenable situation: either the party makes production, violates its country's laws, and faces
attendant civil and criminal sanctions, or it fails to make production in the US litigation and faces potentially case-
dispositive sanctions from the US court.
US courts may attempt to address this conflict by insisting that a party asserting a blocking statute objection must
demonstrate a real and imminent likelihood of civil or criminal prosecution if it complies with the production request.
US courts do not always allow litigants subject to US court jurisdiction to use the restrictions of another nation's privacy
laws or blocking statutes as a shield to producing relevant documents.
There are many reported cases where the producing party has argued that producing documents would subject it to
civil or criminal jeopardy in the nation where the ESI is located, US courts have overruled those objections and ordered
production notwithstanding the other country's laws.
US Court Tests (Button)
When dealing with a blocking statute issue, the US courts have relied upon the balancing test presented in Societe
Nationale Industrielle Aerospatiale v. United States Dist. Ct. for the Southern Dist. Of Iowa, 482 U.S. 52, 539-40 (1987)
that is administered. Below are the questions asked:
o How important is the information requested in the litigation?
o What is the degree of specificity of the request?
o Did the information originate in the US, and what is the availability of alternative means to secure the information?
o What extent would non-compliance undermine important interests of the US or of the state where the
information is located?
o What is the degree of hardship on the producing party and whether that hardship is self-imposed?
o Some courts have also added a sixth factor, regarding the potential hardship a producing party may endure from
compliance with the US discovery requests.
SLIDE 17: MANAGEMENT OF CROSS-BORDER ESI
16.17.1 With respect to requests for production to non-US based parties, counsel should be especially mindful of the
proportionality limitation imposed on the scope of discovery by Federal Rule of Civil Procedure 26 (b)(1).
16.17.2 Discovery must be “proportional to the needs of the case, considering the importance of the issues at stake in the action,
the amount in controversy, the parties’ relative access to relevant information, the parties’ resources, the importance of
the discovery in resolving the issues, and whether the burden or expense of the propose discovery outweighs its likely
benefit.”
16.17.3 The burdens and costs of electronic discovery can be staggering if not constrained by proper judicial management, guided
by proportionality.
16.17.4 Courts can be expected to closely scrutinize the burdens an ESI discovery request would place on litigants with data located
outside the US.
16.17.5 It is not enough to claim a burden in producing ESI from outside the US. Courts expect that the burden be demonstrated
through cost estimates associated with the preservation, collection, processing, transfer, review, and production of the ESI.
16.17.6 Sampling or prioritization of ESI may be appropriate to complying with production requests while achieving proportionality.
16.17.7 Click each button to learn more.
Button Interaction
Understanding Local Law (Button)
Requesting parties will want to understand the laws of the countries where the requested data resides when drafting their
requests. Involving local counsel is appropriate.
Tailoring Demands (Button)

Requesting parties should tailor discovery demands in a manner that avoids seeking personally-identifiable information
about non-US persons.
Filtering Data (Button)
Requesting parties also should be prepared to permit the producing party to filter or remove unneeded personal data.
SLIDE 18: CROSS-BORDER REQUESTS AND RESPONSE
16.18.1 It is important to remember that cross-border discovery requests are a two-way street. ESI is often requested by foreign
courts.
16.18.2 Title 28 in the United States Code Section 1782 is often used when requests are made from an outside state tribunal for ESI
being held in the US to be used in a non-US proceeding. Section 1782 is more commonly used by US courts rather than the
Hague Convention.
16.19.1 International e-discovery disputes may also arise in internal corporate investigations involving foreign entities and when
responding to subpoenas involving international entities. In this Module you have learned about:
The American Bar Association ABA Resolution 103 regarding non-US data protection and privacy laws
Blocking statutes, which have been enacted by many nations prohibiting the cross-border transfer of certain types of
information
Federal Rule of Civil Procedure 26 (b)(1) or the Rule of Proportionality
When production of ESI from a foreign parent may be required under the FRCP
"Working Document 1/2009 on Pre-Trial Discovery for Cross-Border Civil Litigation," which provides guidance in managing
the tension between US discovery obligations
matter covered.
Module 17: Ethics in e-discovery
17.1.1 Hi, it’s Amy. This is module 17 and it covers ethics in e-discovery.
17.1.2 Let’s get started. Click the NEXT button at the lower right to continue.
17.2.1. Everyone involved in e-discovery work, regardless of their role, must be aware of the ethical considerations that may arise.
In particular you will learn about:
The American Bar Association Model Rules of Professional Conduct
Your duty to produce documents, to inform clients of preservation obligations, and to comply with court orders
Well-known cases of e-discovery sanctions
Common mistakes that destroy your e-discovery practice
Your legal duty of competent representation
How to avoid conflict of interest disputes
17.3.2 The American Bar Association Model Rules of Professional Conduct (ABA Model Rules) are a set of rules that influence the
baseline standards of legal ethics and professional responsibility for lawyers in the United States. Each state bar has its own
ethical rules. Many state bars adopt the ABA Model Rules in whole or in part.
17.3.3 Sanctions are penalties imposed by a judge. A client and/or an attorney can be sanctioned.
17.3.4 Ethics are the rules of conduct recognized in respect to a particular group. In this case, I will refer to ethics for attorneys.
17.3.5 Data mining can mean data processing using sophisticated data search capabilities. In this case, it means exploring
metadata not visible to untrained individuals and may involve finding possibly privileged information.
17.3.6 You should now understand the following terms: American Bar Association Model Rules of Professional Conduct, sanctions,
ethics, e-discovery, and data mining.
SLIDE 4: ETHICAL STANDARDS FOR ATTORNEYS
17.4.1 Anyone involved in e-discovery work, regardless of their role, must be aware of the ethical considerations that may arise.
17.4.2 Attorneys are held to professional standards adopted by each state's bar association.
17.4.3 Currently, there aren't any explicitly discovery-related ethical rules for lawyers. There are general rules implied in various
aspects of the discovery process.
17.4.4 When handling ESI, the value of a particular piece of information might not be apparent to even the most scrupulous
practitioner.
17.4.5 Courts can impose sanctions, or remedies, against parties and attorneys for various violations that occur during the e-
discovery process.
SLIDE 5: ATTORNEY’S DUTIES
17.5.1 Sanctions are within the inherent power of the courts and may be based on failure to adhere to ethical obligations imposed
on attorneys.
17.5.2 Attorneys have (at least) four ethical duties that relate to discovery. They are: duty of competency, duty of confidentiality,
duty of candor and duty to avoid conflicts of interests.
SLIDE 6: POTENTIAL SANCTIONS
17.6.1 Sanctions can take several different forms. A few of them are: dismissal of action, default judgment, adverse jury
instruction, and monetary penalties.
Button Interaction
Dismissal Of Action (Button)
Termination of a civil action on a successful application (made during or at the end of a trial) by a defendant that the
action be dismissed.
Unless terminated with prejudice, you would now need to go through the added expense of retrying your case.
Default Judgement (Button)
A binding judgment in favor of the plaintiff based on some failure to take action by the other party.
You have basically lost the case automatically.
Adverse Jury Instruction (Button)
The judge informs the jury that someone did not produce evidence, or spoliated the evidence so that it could not be
brought to the court, with the intention of concealing damaging information, and therefore the jury should assume
that the evidence not presented was adverse to the party who withheld or destroyed it.
This can be devastating to your case.
Monetary Penalties (Button)
Can be assessed against both the lawyers in the case, as well as their clients. The amount of the penalty can be
significant.
SLIDE 7: WHAT CAN LEAD TO SANCTIONS
17.7.1 A variety of bad acts can lead to sanctions. Most sanctions occur when multiple bad acts have occurred. For instance:
17.7.2 Failure to produce documents, either not on time or not at all; failure to inform clients of preservation obligations; failure to
comply with court orders, failure to oversee a client’s search for ESI, and lawyer misrepresentations.
SLIDE 8: MOST COMMON REASONS FOR SANCTIONS

17.8.1 Generally, more severe sanctions will be imposed for repeated bad acts or failures to comply with court orders over an
extended period of time. Under Rule 37(e) as amended in 2015, the most severe sanctions will not be awarded in the case
of negligence, even gross negligence, but only where a court finds that a party acted intentionally to deprive the opponent
of the use of information in the litigation. If lost ESI can be replaced or restored, there will be no sanction. If it cannot be
replaced or restored, the court may order sanctions “no greater than necessary to cure the prejudice” to the opponent.
17.8.2 Defendants are nearly three times more likely to be sanctioned than plaintiffs.
17.8.3 Failure to preserve is historically the single most common basis for sanctions.
17.8.4 The second most common sanction has historically been for failure to produce and delays in production.
SLIDE 9: NOTABLE CASES WITH SANCTIONS
17.9.1 Next, we will discuss two cases which resulted in sanctions and made headlines.
17.9.2 In a case involving the company Qualcomm, there were six attorneys referred to the California State Bar for possible
disciplinary proceedings. A federal judge said Qualcomm did not make a reasonable inquiry into the client's e-discovery
practices. Qualcomm was ordered to pay more than $8.5 million in sanctions.
17.9.3 Coleman Holdings v. Morgan Stanley is a well-known case we will discuss. A default judgment was imposed when attorneys
failed to disclose the existence of discoverable information in a timely fashion. However, the penalty was largely reversed
on appeal.
SLIDE 10: DUTY OF COMPETENCY
17.10.1 Probably the most fundamental and all-encompassing duty lawyers have - which extends to everyone the lawyer engages
to provide e-discovery service to a client - is the duty of competency. Rule 1.1 states that “a lawyer shall provide competent
representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation
reasonably necessary for the representation.”
17.10.2 Lawyers are required to maintain the level of skill needed to adequately serve their clients in the particular matter for
which they are hired, including the skills and technical knowledge necessary to serve in the area of discovery.
17.10.3 Persons holding themselves out as having the ability to assist with the preservation, collection, processing, review, and/or
production of ESI must maintain at least a minimum level of competency to provide those services.
17.10.4 Counsel’s ethical responsibilities include the duty to competently design and manage the plan for preserving, collecting,
processing, reviewing and producing ESI in response to lawful discovery requests.
17.10.5 If an attorney does not have that level of competency, he or she must acquire the necessary knowledge or skill, bring in
others who do have the requisite skills to assist, or withdraw from the representation.
17.10.6 Lawyers who engage outside consultants to assist with e-discovery tasks must take reasonable steps to assure themselves
that the consultants are competent to handle the particular tasks for which they will be engaged.
17.10.7 The ABA amended Rule 1, Comment 8 to specifically call out technical competence, and most states
have followed the ABA’s lead:
To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its
practice, including the benefits and risks associated with relevant technology, engage in continuing study and
education and comply with all continuing legal education requirements to which the lawyer is subject.
(Emphasis added.)
SLIDE 11: DUTY OF COMPETENCY: REVIEW
17.11.1 Click on each button to review the attorney's duty of competency.
Button Interaction
Part 1 (Button)
Probably the most fundamental and all-encompassing duty lawyers have - which extends to everyone the lawyer
engages to provide e-discovery service to a client - is the duty of competency.
Lawyers are required to maintain the level of skill needed to adequately serve their clients in the particular matter
for which they are hired, including the skills and technical knowledge necessary to serve in the area of discovery.
Persons holding themselves out as having the ability to assist with the preservation, collection, processing, review,
and/or production of ESI must maintain at least a minimum level of competency to provide those services.
Part 2 (Button)
Counsel's ethical responsibilities include the duty to competently design and manage the plan for preserving,
collecting, processing, reviewing and producing ESI in response to lawful discovery requests.
If an attorney does not have that level of competency, he or she must acquire the necessary knowledge or skill,
bring in others who do have the requisite skills to assist, or withdraw from the representation.
Lawyers who engage outside consultants to assist with e-discovery tasks must take reasonable steps to assure
themselves that the consultants are competent to handle the particular tasks for which they will be engaged.
SLIDE 12: DUTY OF CONFIDENTIALITY
17.12.1 The attorney-client privilege attaches to confidential communications between lawyers and their clients made in the course
of and/or for the purpose of requesting or providing legal service. In addition, the American Bar Association’s Model Rule
1.6 on Client Confidentiality of Information states, “A lawyer shall not reveal information relating to the representation of a
client unless the client gives informed consent.”
17.12.2 It applies to both written and oral communications.
17.12.4 The term "client" can include agents of the client (employees or third parties working on behalf of the client) as long as that
person is necessary to the communication.
17.12.5 Likewise, the term "lawyer" can include agents of the lawyer, such as paralegals or other professionals engaged to assist in
the representation.
17.12.6 Disclosure of these communications to persons outside the sphere of the privilege can result in a waiver, meaning that the
protection of the privilege is lost.
17.12.7 A person who is neither the lawyer nor the client but who is involved in the privileged communication is also bound to keep
the confidence of that communication. That includes any vendor hired to assist with the processing and hosting of ESI.
SLIDE 13: INADVERTANT DISCLOSURE OF PRIVILEGE
17.13.1 The protection of attorney-client privileged communications is an ethical requirement which requires significant attention
when designing and implementing an e-discovery project.
17.13.2 Attorney-client privilege and work product protection also arise in the context of the document review and production
itself.
17.13.3 Such privileged material is likely to be present in the ESI which is being reviewed and must be protected from disclosure.
17.13.4 Attorneys and others working with protected information must understand the rules regarding the attorney-client privilege
and attorney work product immunity and must be properly trained in how to identify material which must be withheld.
17.13.5 If privileged material is inadvertently produced, the attorney (and others working on the matter) must take steps to request
and obtain the return or destruction of that information from the other party as promptly as possible after the production
is discovered.
17.13.6 Protective Orders, clawback agreement and a judicial order based on Federal Rule of Evidence 502 provide a mechanisms in
the federal court system for the return of privileged communications and protected materials.
SLIDE 14: DUTY OF CONFIDENTIALITY: REVIEW
17.14.1 Click on each button to review the attorney's duty of confidentiality.
Button Interaction
Part 1 (Button)
A lawyer shall not reveal information relating to the representation of a client.

Must take adequate steps to maintain privilege and protect confidential information.
Can sometimes come into conflict with duty to candor to court.
It applies to both written and oral communications.
The term "client" can include agents of the client (employees or third parties working on behalf of the client).
The term "lawyer" can include agents of the lawyer, such as paralegals or other professionals engaged to assist in the
representation
Part 2 (Button)
The attorney-client privilege attaches to confidential communications between lawyers and their clients made in the
course of and/or for the purpose of requesting or providing legal service.
Disclosure of these communications to persons outside the sphere of the privilege can result in a waiver, meaning that
the protection of the privilege is lost.
A person who is neither the lawyer nor the client but who is involved in the privileged communication as described
above is also bound to keep the confidence of that communication.
Part 3 (Button)
Attorney work product protection attaches to documents reflecting an attorney's thinking about a case or to materials
prepared by or at the direction of the attorney in anticipation of litigation.
Work product protection may attach to documents created by non-lawyers assisting with the ESI collection and review
process.
If privileged material is inadvertently produced, the attorney (and others working on the matter) must take steps to
request and obtain the return or destruction of that information from the other part as promptly as possible after the
production is discovered.
Federal Rule of Evidence 502 provides a mechanism in the federal court system for the return of privileged
communications and protected materials.
SLIDE 15: DUTY OF CANDOR
17.15.1 Anyone working within the judicial system owes a duty of candor to the court and other litigants. American Bar Association
Model Rule 3.3 states that a lawyer will not make false statements to a tribunal or fail to correct a false statement of fact.
17.15.2 Attorneys are officers of the court.

17.15.3 Beyond the usual obligation to be honest and truthful in business dealing, this duty implies the possible use of the power of
the judiciary to punish lapses in honesty and full disclosure.
17.15.3 All statements made to a court, whether or not under oath, must be accurate and complete.
17.15.5 Dishonest or misleading information presented to a court, through any means, may bring serious sanctions including
monetary fines and an order of contempt with the possibility of incarceration.
17.15.7 The availability of predictive coding software and other methods of reviewing only a subset of potentially relevant data can
give rise to new and complicated issues surrounding the duty of candor, especially where there is no quality control or an
understanding of how the software determines relevancy.
17.15.8 If a lawyer uses predictive coding sampling, or similar methods to reduce the cost of document review, the lawyer should
be prepared to defend their methodology, or to get agreement from the requesting party or approval of a judge depending
on the facts and circumstances of the case.
17.15.9 Counsel bears an obligation, including with respect to subjects related to ESI, to reasonably investigate and become
satisfied that the facts included in a document submitted to the adversary or the court are as the client portrays them to
be. For example, some courts have held that an attorney may not simply accept a client's statement that it has taken
measures to preserve data.
SLIDE 16: DUTY OF CANDOR: REVIEW
17.16.1 Click on each button to review the attorney's duty of candor.
Button Interaction
Part 1 (Button)
Anyone working within the judicial system owes a duty of candor to the court and other litigants. Attorneys are officers
of the court and must conduct themselves accordingly.
A lawyer shall not knowingly:
o Make (or fail to correct) a false statement of fact or law to a tribunal.
o Offer evidence that the lawyer knows to be false.
o Fail to investigate and learn true facts.
o Rely solely on client for factual matter.
Part 2 (Button)
One important aspect of the duty of candor is that an attorney (or other person working with a litigant) may not
simply accept at face value every client statement.
If misstatement has been made, must correct it immediately.
Beyond the usual obligation to be honest and truthful in business dealings, this duty implies the possible use of the
power of the judiciary to punish lapses in honesty and full disclosure.
All statements made to a court, whether or not under oath must be accurate and complete.
Part 3 (Button)
It is impermissible to actively create a misrepresentation or to allow a court or judicial officer to form an incorrect
understanding by omitting relevant information.
Dishonest or misleading information presented to a court, through any means, may bring serious .
A false statement made under oath also carries the possibility of a criminal charge of perjury. Testimony taken under oath
includes depositions, affidavits and sworn declarations.
Part 4 (Button)
The availability of predictive coding software and other methods of reviewing only a subset of potentially relevant data
gives rise to new and complicated issues surrounding the duty of candor.
It is important to document due diligence and quality control to be able to defend data reduction.
SLIDE 15: DUTY TO AVOID CONFLICT
17.15.1 Attorneys also are bound by ethical rules to avoid conflicts of interest in their representations.
17.15.2 The rules surrounding attorney conflicts are numerous and complex, but essentially prevent a lawyer from representing
two parties who are adverse to each other, either in a single matter or even in unrelated matters.
17.15.3 While non-lawyers are not professionally bound by these same rules, it is quite common for clients to demand conflict
checks and disclosures from anyone who assists them in litigation.
17.15.4 For instance, a company which processes and hosts ESI for review might be required to disclose if it also does business with
the opponent in the case, even if that work is related to another case.
SLIDE 16: METHODS TO AVOID CONFLICTS OF INTEREST
17.16.1 There are sometimes methods of mitigating the effects of a conflict of interest, if the client consents.
17.16.2 The most common method is to create a "firewall" between the respective personnel working on each matter.
17.16.3 In any event, such conflicts - or even potential conflicts - must be disclosed to and discussed with the client before
undertaking any representation.
17.16.4 A form of conflict of interest may arise when a lawyer and vendor have a business relationship which involves sharing fees
paid by the client, the payment of a referral fee, or any other circumstance in which one or both parties benefit in some
material way from the client's work other than through the fees paid directly by the client.
17.16.5 If a person or company will benefit from the referral of the client's business to another person or entity, this fact must be
disclosed to the client so that the client may objectively assess the recommendation to use that particular service provider.
17.16.6 In short, attorneys retaining vendors must disclose any financial relationship between the attorney and the vendor. If the
vendor is a client of the firm, this too, may be a fact worthy of disclosure.
SLIDE 17: DUTY TO AVOID CONFLICT: REVIEW
17.17.11 Click on each button to review the attorney's duty to avoid conflicts of interest.
Button Interaction
Part 1 (Button)
Prevents a lawyer from representing two parties who are adverse to each other, either in a single matter or even in
different matters.
While non-lawyers are not professionally bound by the same rules, it is quite common for clients to demand conflict
checks and disclosures from anyone who assists them in a litigation matter.
For instance, a company which processes and hosts ESI for review would be required to disclose if it also does business
with the opponent in the case, even if that work is related to another case.
The most common method of mitigating a conflict of interest, assuming the client consents, is to create a "firewall"
between the personnel working on each matter.
Part 2 (Button)
In any event, such conflicts - or even potential conflicts - must be disclosed to and discussed with the client before
undertaking any representation.
A form of conflict of interest may arise when a lawyer and vendor have a business relationship which involves sharing
fees paid by the client, the payment of a referral fee, or any other circumstance in which one or both parties benefit in
some material way from the client's work other than through the fees paid directly by the client.
If a person or company will benefit from the referral of the client's business to another person or entity, this fact must
be disclosed to the client, so that the client may objectively assess the recommendation to use that particular service
provider.
SLIDE 18: IMPACT OF SANCTIONS ON ATTORNEYS
17.18.1 As attorneys in the Qualcomm case discovered, it's not just the client who is on the line.
17.18.2 Sanctions can be assessed against the attorneys personally.
17.18.3 Click each attorney to see the impacts of sanctions on an attorney.
Image Interaction
ATTORNEY
A judge can refer an attorney to the bar association for investigation and if the attorney is found to have violated his or
her professional responsibilities, the bar association may prohibit the attorney from the practice of law either
temporarily (suspension) or permanently (disbarment).
Being under investigation can tarnish the attorney's reputation, even if they are eventually cleared.
Attorney could lose public favor. Press will usually report on sanction orders, they report less exoneration coverage.
SLIDE 19: DATA MINING LAWYER COMMUNICATIONS
17.19.1 Bar associations disagree about whether it is ethical for receiving counsel to mine electronic communications from
opposing counsel for metadata and hidden data.
17.19.2 Because it's such a tricky subject, attorneys should take two steps to ensure that they will not face any sanctions.
17.19.3 Counsel should consider taking steps to assure that hidden data and metadata are removed from non evidence electronic
communications prior to providing them to other parties.
17.19.4 Scrubbing of metadata in the ESI is not the same as scrubbing metadata in communications between and among opposing
counsel. Scrubbing of metadata in ESI can be considered spoliation, where scrubbing metadata in communications between and
among opposing counsel can be considered protection of confidentiality and/or privilege.
SLIDE 20: E-DISCOVERY LAW: PROTECTIONS AND PRECAUTIONS
17.20.1 There are several important rules and guidelines that should inform your decision making process.
Button Interaction
The Sedona Conference
An important guide and protection for attorneys is the Sedona Conference’s Cooperation Proclamation.
The Cooperation Proclamation has been endorsed by judges and magistrate judges in many jurisdictions.
The Sedona Conference is a nonprofit law and policy think tank, and it has produced a reference manual for judges handling
e-discovery and addressing the cooperation required between parties.
Federal Rule of Evidence 502.
One of the most important protections for attorneys is Federal Rule of Evidence 502.
Without an order based on the rule, attorneys waive their right to privilege if they accidentally produce confidential
material to opposing counsel. However, under the rules, the courts may consider the fairness of the situation to determine
if privileged information should be returned. In addition, a clawback agreement may be put in place that allows for the
return of inadvertently produced materials without penalty.
17.21.1 In this module we have learned the ethical obligations e-discovery specialists operate under and the penalties that may be
assessed for failures to properly manage ESI in litigation. Your duties include:
Duty of competency, including technical competency

Duty of confidentiality
Duty of candor
Duty to avoid conflicting interests
The ABA Model Rules
17.21.2 You also learned about:
Sanctions, including dismissal of action, default judgment, adverse jury instruction, and monetary penalties.
Federal Rule of Evidence 502, which provides a mechanism in the federal court system for the return of privileged
communications and protected materials.
17.21.3 And two historically important cases of e-discovery sanctions:
Qualcomm, in which six attorneys referred to the California State Bar for possible disciplinary proceedings
Morgan Stanley, in which a default judgment was imposed on the legal team for producing documents late (though this
penalty was largely reversed)
matter covered.

Okc Aceds Edex App

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Okc Aceds Edex App

Uploaded by

Copyright:

Available Formats

yz{|}ÿ}

163 ÿ1869ÿ4 ÿ 843ÿ

Presenters Biography and Accolades:

Presenters Education and Qualifications:

CLE Compliance Information:

FOUNDATIONAL EDISCOVERY TRAINING

“ This certification helped me to broaden my knowledge of eDiscovery, especially on how

GAIN VALUABLE AND FOUNDATIONAL E-DISCOVERY UNDERSTANDING

MODULE 1 – INTRODUCTION TO E-DISCOVERY. Duration: 40 min.

MODULE 2 – BUDGETING CONSIDERATIONS. Duration: 30 min.

MODULE 3 – PROJECT PLANNING. Duration: 25 min.

MODULE 4 – INFORMATION MANAGEMENT AND LITIGATION READINESS. Duration: 30 min.

MODULE 5 – LITIGATION HOLD IMPLEMENTATION. Duration: 30 min.

MODULE 6 – . Duration: 35 min.

MODULE 7 – LEGAL FRAMEWORK AND OBLIGATION. Duration: 30 min.

MODULE 8 – COLLECTION PLANNING AND IMPLEMENTATION. Duration: 35 min.

MODULE 1 – DATA CULLING. Duration: 30 min.

MODULE 1 – TECHNOLOGY ISSUES. Duration: 35 min.

MODULE 1 – REVIEW PLANNING. Duration: 30 min.

MODULE 1 – DOCUMENT REVIEW. Duration: 45 min.

MODULE 1 – . Duration: 30 min.

MODULE 15 – DATA PRODUCTION. Duration: 35 min.

MODULE 16 – INTERNATIONAL DISCOVERY. Duration: 50 min.

MODULE 17 – ETHICS IN E-DISCOVERY. Duration: 60 min.

Slide 2: Overview and Expectations

Slide 3: Module 1: Learning objectives

You will learn about:

Slide 4: Module 1: Basic terms and Common e-discovery Phrases

1.4.1 Before we start, let’s review some basic terms.

1.4.8 A non-party is a person or entity that is not named as a party to a lawsuit.

1.4.11 If you need to review these terms, click on ‘Glossary’

Slide 5: What is e-discovery

Slide 6: Amendments to the FRCP

Slide 7: FRCP Rule 26(a)(1)(A): Initial disclosure

1.7.2 Click on each button to learn more.

Include in each button layer

Heading: INITIAL DISCLOSURE REQUIREMENTS UNDER FRCP RULE 26 (a)(1)(A)

Slide 9: Non-Party Information

1.9.4 Click on each button to learn more.

NON-PARTY INVOLVEMENT (Button)

REQUESTING DATA FROM NON-PARTY RESPONDENTS (Button)

ESI DELIVERY (Button)

Slide 10: FRCP Rule 30: e-discovery depositions by oral examination

1.10.2 Notice or subpoena directed to an organization

Slide 11: FRCP Rule 26(b)(2)(C): Cost-sharing or cost-shifting

1.11.3 Click on each button to learn more.

Cost Limiting (Button)

Cost Vs. Benefits (Button)

Slide 13: The Electronic Discovery Reference Model

Slide 14: Overview of the Litigation Process

1.14.3 Click on each button to learn more.

MOTION PRACTICE (Button)

TRIAL ALTERNATIVES (Button)

Slide 15: Module 1 complete

The Federal Rules of Civil Procedure (FRCP)

SLIDE 2: MODULE 2 LEARNING OBJECTIVES

How to measure the volume of data

SLIDE 3: BASIC TERMS

2.3.1 Before we start, let’s review some basic terms.

2.5.1 Cost is generally the biggest concern in an e-discovery project.

2.5.2 Other than trial, discovery is the largest budget item.

SLIDE 6: COST DRIVERS IN THE E-DISCOVERY BUDGET

yz{|}ÿ}

163ÿ1869ÿ4 ÿ 843ÿ