Mark Lyon

eDiscovery Attorney

April 25, 2014

Logikcull – An Amazing, Self-Service eDiscovery Experience

Over the years, I’ve had the opportunity to test a wide variety of document review platforms. Some, like Relativity and OmniX, seem to do a great job of solving certain review challenges, particularly in large projects. Some, which I won’t name, can be frustrating no matter the type and size of project. Others focus on solving specific challenges and are great options for specific needs. One of those recurring challenges is clearly small project eDiscovery.

Many of the larger, more complex tools really are best suited for use in an environment that has made a significant investment in technology, tuning and support. On a small case, it can be difficult and impractical to use some platforms. Fortunately, the folks at Logikcull have stepped in to solve this problem with a self-service, fully automated eDiscovery platform.

Occasionally, I have cases I’m personally handling that are far too small to worry with sending through the normal workflow I’d use on a larger case. Usually the eDiscovery needs on these small, generally pro-bono matters, don’t require a complex tool.   Creating a PST of the relevant documents and exporting to PDF, then adding on any scanned documents will suffice.  Sometimes, however, a case that seems small will suddenly explode, such as when a client explained to me, just a few days before a discovery deadline, that she’d discovered a backup of a PST containing documents we’d not yet reviewed.

I was able to create a PST of the relevant documents quickly, but my normal export to PDF method was far to cumbersome for the specific population, which included numerous attachments I’d need to manually extract.  Instead, I decided to look for a simple, self-managed tool to process and create the production and was met with limited success.

The team at Logikcull, however, left a comment and suggested I give their product a try.  Having met my deadline through other means, I took a look at their offering (which I previously had heard about only in a gimmicky, “you can review documents on a smart watch” way) and was thoroughly impressed.

New ProjectThey sent me a link for a free trial and I logged in to create my account.  I was immediately able to create a new project, specifying a few options like how to render Word, Powerpoint and Excel files and what sort of deduplication I desired.

With that accomplished, I was able to immediately start uploading data, using a drag and drop interface, right from their web page. The process could not have been simpler and, when my connection dropped out in the middle of one large file, the system immediately resumed when I clicked “restart”.  While one file uploaded, the others started processing; the entire operation was finished in a few minutes while I handled other matters.

Logikcull Upload ProcessingWith processing complete, I was given a mini-report that included the number of documents, file size, and even how many exceptions required special handling.  The documents were immediately available to me and I was able to start coding right away.

The review interface is geared toward small, focused review teams working on the project.  Many options are available as one reviews, but all documents are rendered in a TIFF-like viewer (though, no special plugins or downloads are required – the entire review interface works with standard web browsers like Google Chrome).

Searches were easily built using uploads, custodians, tags or keywords. Once a search is saved, it can then be exported as a production, immediately, right in the web interface. In my discussions with the Logikcull team, they even plan to offer the option to send a secure download link (with delivery notification) to the opposing parties, eliminating even the need to download and re-send the file.

The production tool offers a number of pre-built templates for delivery to Relativity, the DOJ, SEC and FTC.  They also allow users to define their own templates as needed.  The step-by-step tool then asks a user to specify the load file format, choose image, native file and text file options and to include optional reports.  Once the options are set, a name is assigned and a starting bates number given, and the production assembles itself and alerts you when the download is ready.

The tool would easily accommodate a same-day turnaround of loading and production and is easily handled by just one attorney.

While there are some limitations of the platform designed to impose some uniformity and allow it to operate with little intervention from their support team, users willing to make minor adjustments to their workflow to accommodate its process will easily find that they can self-manage their small projects and produce high-quality results.

Having started in a small law firm, this tool would have been incredibly valuable on numerous cases and the pricing was recently (as of 6/30/14) changed to a per user, per year model that is well within the realm of reasonableness for small firms. Each user costs $2,500 per year (with a sliding scale of discounts for buying longer terms or more seats) and comes with 5gb of upload space per seat (upload space is based on uploaded file size). Additional uploads cost $100/gb (and again, discounts are available if you buy in bulk). There do not appear to be limitations on the number of separate cases that can be configured. For a limited time, users who sign up will receive no recurring cost storage, eliminating any concern over monthly costs for long-running cases. Because their system creates TIFFs and PDFs on ingestion, there are also no costs involved in making productions in either format. The value of the simplicity, speed and flexibility cannot be understated.

If you’re a tech-savvy attorney working on a small project or at a firm without an existing eDiscovery infrastructure, Logikcull is certainly worth testing. You may find that it serves many of your needs quite well.

This post was updated on 15 July 2014 to reflect changes to the company’s pricing structure.
April 7, 2014

Nextpoint Discovery Cloud

Over the past few years, I’ve had occasion to use many different review tools. There are constantly new entrants, however, and one of the more interesting ideas I’ve seen is Nextpoint Discovery Cloud. As I understand it, their tool takes an upload of data to be processed and – in a self-serve, automated way – handles the basics of processing and loading the documents into their tool.  Attorneys can then quickly review and tag documents, perform redactions and finally create their own productions.

For small cases, it seems like an excellent solution.  They also promote themselves as a very good solution for solo and small firm practitioners, which makes sense.  In many matters, it doesn’t make sense to engage a large team or even fire up a complicated database.

This weekend, I was hit with such a case.  What initially looked to be a small, easy to create production for a pro bono matter turned into a 4GB monster with embedded attachments.  Instead of turning to my traditional processing and production resources, I reached out to Nextpoint, wanting to give their tool a try on what seems like the sort of project their product is designed to handle.

First, though, I needed an account and a database.  I thought I could use their $25/gb on demand service, but the system doesn’t generate accounts online. Instead, you have to talk to a sales person.  I filled out the form and waited.  Then, I gave up waiting and called, only to be connected with someone who managed to talk me out of giving it a try, since the processing runs in batches and could take a while and I wasn’t trained in the tool. With a short deadline and no way for them to judge the level of skill I might have using the tool, there was significant risk in letting a first-timer jump in with a same-day matter. It was perhaps a better solution than handing me the keys and letting me fail on my first try,  but I remain disappointed.

I hope to give this tool a try when I’ve got a bit more lead time for one of my personal cases, but wonder if others have experiences on this platform they can share.

November 25, 2013

Microsoft Urges eDiscovery Rules Changes

Today, Microsoft posted an article about eDiscovery that shed some light on their internal preservation and review burden. “In FY 2010, Microsoft had to preserve about 39 terabytes in total to comply with obligations. By the end of FY 2013, that number grew to more than 261 terabytes.” They also note that the company has expended “$600 million on outside services to help with discovery in the past decade”.

Their blog post then continues with a discussion of how changes to the Federal Rules can help alter the burden of litigation, both by reducing the scope and by limiting the risk of sanctions. (Note, the deadline for public comment on the proposed changes is 15 Feb. 2014.)

Microsoft describes their litigation process as the typical narrowing of a population through the cycle of preservation, collection, processing, review, production and ultimate use, starting with nearly 60 million documents preserved to reach 88 pages of exhibits. They don’t discuss what methods they’ve used to find savings in the current eDiscovery environment, but do mention “manual review” which seems to leave open the possibility they’re not maximizing available technologies and methods to cut the existing burden without changes to the rules. There may be some savings to be found in applying current best practices.

More importantly, however, Microsoft seems to ignore their own responsibility for the explosion of electronic data.

With Exchange Server, Lync and countless other products, Microsoft has long helped add to the tremendous burden of preservation and review. They could, if so inclined, build their systems that are better equipped to cut the cost of review. As one of the prime suppliers of the technology used to generate the data that ultimately becomes part of discovery, customers might find significant value in products and services designed in a way that makes it possible to minimize noncompliance with retention policies, stores data in the most logical and deduplicated manner, allows for pre-collection evaluation of custodial information and even assist in implementing legal holds or review. Yet, the burden of discovery doesn’t seem to be a design or selling feature of many Microsoft systems.

Further, their desktop applications, including Word, Excel and PowerPoint, use file formats that are intentionally obfuscated and often complicated to examine. Making access to things like previous versions, tracked changes, hidden comments and speaker’s notes easier when processing for litigation would dramatically reduce the risk of numerous reviews. The files generated by these applications have also grown in size as new versions are developed and additional cruft must be jammed into the saved copy to create the same result.

While Microsoft may have some valid points regarding the rules, they hold in their hands a far more powerful weapon in fighting eDiscovery costs, but have not yet learned to wield it effectively.

November 20, 2013

Asking Questions During Training

This morning, Above The Law posted seven tips for new contract attorneys. Take a moment to look over their list and explanations; generally, it contains some good advice.

Their second tip, “Don’t ask hypothetical questions”, is particularly wise.

Use the question time after a training to clarify any confusing or conflicting information provided in training.  I also like to ask, for the benefit of the team, some general information about the first custodians we’ll encounter (who they are and how they relate to the case, the types of documents we expect – emails, share files, chats, etc). As advised above, though, don’t try and speculate on coding of hypothetical documents. Don’t ask administrative questions of someone there to provide substantive guidance. They don’t know where to find the restroom, can’t provide you the work schedule and aren’t going to direct you to the best deli for lunch.

Far too often, someone new to a project will want to demonstrate their experience with the subject matter or general intelligence and ask either a rambling, confusing question or they’ll set out to play “Stump the Associate.”

With the confusing question, any answer is likely to complicate coding for many of your peers, as they will be unclear both on the exact substance of your question and how to apply whatever response is given to the documents they ultimately will face. If you try to embarrass or outshine the associate sent to conduct training, you’re quite possibly at risk of not remaining on the project (particularly if you are wrong).

Remember, your agency’s client is likely the very person you just insulted. The livelihood of everyone involved in your project revolves around providing high quality work to that case team while keeping them happy. Trying to “crack the case” with some magical question or other interaction with counsel will surely cause you to be remembered, but likely not favorably. Embarrassing or insulting clients is not a way to retain business.

Similarly, offering unsolicited insights on case strategy and matters unrelated to the facts we’re uncovering in discovery can be frustrating. Everyone wants to apply their skills and experience, but each person on a matter has a specific role. Going outside assigned duties, particularly as a temporary member of the team, is often not well-received.

Do focus on generating example-based questions once you’re looking at documents. Often, protocols are written long before anyone has a firm understanding of the material you will encounter. Distinctions between issues that were not anticipated, documents that don’t squarely fall into a responsiveness category but seem relevant and even factual issues that play into making determinations are all fair game for questions. If you need clarification, speak up.

I strongly prefer example-based questions because they make it easy on the person providing an answer and gives them quick insight into what you’re seeing. Instead of asking a simple question of general applicability, give one or more Document IDs, a quick one-line statement that explains the example and then ask the question. If you can propose a coding for the document, do that as well. For example:

GGL9954323.234.234 – Email dated 7/10/10 from Smith to Jones, discusses plan to buy competitor device at Buy Mart on way home from work – his daughter wants one for birthday. Per protocol, documents showing purchase of competitor devices for research purposes should be marked with Issues 8, 13 and 17. Should documents reflecting personal use or purchase also be included as responsive under these issues?

Questions like this are in a form that can be easily forwarded with minimal alteration (long, rambling questions often require someone to edit them before asking for answers) and provides a reference to the actual document along with a simple explanation, which makes it far easier to evaluate the question and reply if the document is not immediately accessible.

Generally, getting an answer faster is a good thing, since it prevents miscoding documents (necessitating clean-up) if the answer is not what was expected. The question-writer can facilitate that by making responding easy.

Sixth Form Common Room image courtesy of Rob Brewer.
November 19, 2013

Quitting a Doc Review Project Early

Project schedules are always unpredictable. Populations and deadlines change, team members move faster or slower than expected, the database takes a nose dive on the Thursday before a production deadline or (my personal favorite) the day before you’re done, someone “finds” a population of data roughly the same size as what you just finished.

When I’m staffing a review, I tend to assume a conservative review pace and also account for some absences by rounding my estimates down. If the population is known at the outset, it’s rather easy to give a predicted duration. If not, though, sometimes the best one can do is guess with the information available. Generally, I try to err on the low side – it’s terrible to have a team come to a project expecting a month of work only to run out of docs ten days in.

Poor estimation, though, sometimes results in team members having conflicting commitments. If a team member has worked the amount of time initially estimated, I can’t find much room to criticize leaving a project before it’s done. Review Attorneys need to keep their dance card full – downtime gets expensive fast. Similarly, I’m thrilled to hear that members of my team have accepted full-time positions during any part of a project. In those situations, it’s easy to alert the project leadership that you’ll be leaving. Give as much notice as you can. The team leader may be planning to train new people or to make other changes; knowing your plans can help inform those decisions.

It’s less exciting to have team members leave a project within the duration outlined at the beginning of a project. The reasons people leave projects early are far too numerous to list. Some are clearly false, many are not, but some can make an attorney seem incredibly unreliable. The absolute worst are pre-planned, long-term vacations in the middle of a short project. If you’re not available, tell the recruiter in advance. Not all absences will prevent someone from participating in a project, but it’s far better to know about such things in advance.

When emergencies come up, try and provide an expectation about your availability. If your grandmother dies and you’re going to fly to Iowa, alert the appropriate person about the trip and when you plan to be back. If the project is ongoing, your team may likely want you to return. Don’t just show up a week later without approval to return, though (yes, it’s happened).

If a project is just not the right fit for you, it’s likely that honestly approaching your team leader about the issue will result in a far better resolution. Having someone leave with no explanation is confusing and frustrating. Sometimes the subject matter just doesn’t make sense, the platform is too hard to navigate or some administrative change doesn’t meet with your expectations or tolerances. Maybe it can be fixed, maybe not. At a minimum, though, the problem can be understood and any disappointment tempered.

Keep in mind that, even in a city like New York, the document review community is quite small. If you leave a project because you were “hit by a cab”, hearing from other team members that you were trying to get them to leave and join you on another project the next day can be infuriating. Similarly, the things you post on Facebook, Twitter and Instagram might also be seen by your recruiter or staffing agency; it’s not good when it conflicts with what they’ve been told.

Often times, review attorneys fear sharing information about their plans, worrying that they’ll be immediately tossed from a project or not considered in the future. While this concern should be considered in some workplaces, I’ve generally found these concerns to be overblown. Most prudent project managers realize that it is best to make the best use of a person’s time while they can participate, particularly once they’ve been trained and understand the matter. Waiting until the last minute to announce an absence or departure that was known in advance, though, makes completing the project more difficult and can put your team in a bind.

Resignation Letter image courtesy of Carey Ciuro.
November 18, 2013

Why Can’t I Use My Cell Phone During Doc Review?

New reviewers often express frustration about the number of rules involved in document review. Review attorneys are generally quite intelligent and hardworking people – being told what to wear or what to do seems, for many, insulting. Rules are necessary, though, because not everyone conducts themselves in a way that respects everyone working around them. I often struggle with presenting facility rules in a way that gains the maximum amount of compliance while also making it clear that team members should be open with their concerns. Often, though, explaining the reasoning behind the instructions is the most effective method.

In my office, we hand out our office policies along with project training materials, outlining basic rules that tend to stay the same between projects. One of these rules is a prohibition on the use of cell phones when at your desk. In today’s connected society, this creates more than its fair share of controversy.

The rule does not exist to make working miserable. It exists because (1) clients demand it as part of basic information security and (2) there are significant productivity benefits gained when team members aren’t constantly checking their personal devices.

Information security is a huge issue for clients outsourcing document review. Team members are usually engaged for a single project, carrying (in the client’s mind) little loyalty to the client, law firm or vendor. The information being reviewed is often quite sensitive. The possibility of collecting and transmitting client information using a cell phone is not just the plot of a bad Grisham novel; it can happen. Having enforced policies in place at the review facility to prevent the dissemination of that information is a requirement when working with almost any client. Use of cell phones and Internet come up during almost every client visit to the review facility. My office is also routinely audited by clients for compliance and we test our controls regularly to maintain our ISO 27001 certification.

While I have mixed personal feelings about the performance impact of access to outside connectivity while working, I have seen strong evidence that groups perform better without the significant distractions offered by mobile devices. Certain individuals are able to task-switch seemingly without issue and use the short downtime as an opportunity to personally recharge, but far more dive into a cycle of distraction at the slightest interruption. For some, even seeing others being distracted can lead them to stop their own work.

The days of being able to lazily move through a review population (often littered with easily non-responsive material) are long gone. Productivity expectations are high and, with advances in technology, much of the irrelevant content of the past never makes it to a reviewer’s eyes. Many more of the documents in an assignment are going to require serious concentration to ensure they are properly coded.

On an administrative side, the rule is a pain to enforce. I can’t – nor do I want to – monitor every moment of my team’s day. I prefer to allow reviewers the maximum amount of autonomy possible, walking by but not interrupting the work unless necessary. But, once I start seeing people sneak cell phones from their pockets and bags for a quick text or to check their personal email, I’m obligated to step in with a warning. If there’s a special concern like a hospitalized family member, requiring you to constantly monitor your messages, alert your supervisor. Usually a solution can be found.

Some facilities alleviate the administrative burden by abolishing phones from the room completely. In one office I worked with, each reviewer had a private, lockable cubbyhole in a lounge area. Cell phones, purses and all other electronics had to be stored there before entering the office. While there are some situations and clients for which this is necessary, I prefer extending enough trust in people to have them keep their devices in pockets or purses during the day.

In my office, we have dedicated non-review spaces for phone calls and surfing the Internet. If your review facility doesn’t have clearly-identified locations, make certain to ask. People get quite angry when someone has a phone conversation in the hallway outside their office or – and this has actually happened – in the handicapped stall of the restroom. We try to keep a small conference room available for private conversations (it even has a nice speakerphone that works far better than anyone’s cell); it’s available to anyone who asks, so speak up. It’s the perfect spot for taking a phone interview.

As with any non-work activity, it’s important to also mention billing and time allocation. Unless you have remaining time under a compensated break policy, don’t bill for time spent checking your personal email, texts and making phone calls. In my office, a certain amount of break time is included with every billable hour, but every office will have its own policies. Properly billing your time is an important responsibility. Make certain to understand and properly apply your workplace’s rules starting with day one.

I have the benefit of working in a facility dedicated almost exclusively to review – things get much more complex when working in a temporary setting at a law firm or client site. I once did a project in a temporary space in a client’s building, only to find that the rest of the floor was leased to a third party. Things like using the restrooms on our own floor or even getting water from what we thought was a shared break room caused significant problems. One law firm I worked with wanted us to track any time away from the computer (even though we never actually had much work to do at the machines) and needed us to ask permission to step away from our area. When working in a temporary setting, be doubly cautious about inadvertently offending those whose space you’ve invaded. Seek out advice and instruction from the project’s leadership on the policies and expectations and gently point out any specific concerns you encounter as soon as possible.

In any situation, unless it’s clear that you’re on a personal break, keep your cell phone safely stashed. Get up and take a break from time to time; it provides a perfect opportunity to check your messages.

No Texting While Flying the Space Shuttle image courtesy of Ian Kitajima / Oceanit.
November 7, 2013

Internet Archive Scanning Center Fire – Donations Needed

The internet provides an amazing ability for immediate change. As new information is available, sites can be updated, documents republished and content refreshed to reflect new information. I first encountered the Internet Archive when I needed to be able to demonstrate what had been removed from a website. Fortunately, the Wayback Machine was ready and waiting to offer a full archive of the many changes made to that site, at absolutely no cost.

For litigation, archived web pages can often be a lifesaver. The Internet Archive will, for a small fee, provide an affidavit of authenticity to assist in admitting the archived copies as evidence. An amazing service worth far more than they charge.

The Internet Archive doesn’t stop with just one archiving project.  They also host the RECAP project which helps liberate documents filed on Federal Court dockets through the use of a simple browser plug-in for PACER users.

They also host a huge archive of video, audio, software and written materials.

On the morning of November 6, however, the scanning center responsible for imaging books and other documents was destroyed in a tremendous fire. About half of the materials in the scanning center for imaging were lost, but the remainder had been imaged and saved on servers next door. Approximately $600,000 worth of scanning equipment, however, is a complete loss.

The Internet Archive’s efforts are a significant benefit to the community at large. Please take a moment and support them as they work to rebuild the scanning center and to support their other, incredibly valuable projects.

It’s also important to consider your own disaster planning. Do you have insurance that will cover the replacement cost of your necessary equipment? Are your important files archived offsite? Can you easily restore your backups and work from them?

In many law practices today, it’s become standard practice to image incoming documents. Far too often, however, offsite backups are neglected. In this case, the Internet Archive had its servers in an adjoining building which was not burned. Would the same be true of the files on your office server?

Internet Archive Fire image courtesy of The Internet Archive.
July 24, 2013

The Importance of Affirmative Tags

Designing an effective, intuitive coding layout is not always as easy as it seems.

Often, the choices made in coding selections will color the ultimate work product, so much care and attention goes into crafting specific issue codes and responsiveness instructions that distill various requests into easily understood components. That list will then circulate through the firm, with various stakeholders taking on specific items of concern to their individual focus. These additions are sometimes helpful, sometimes confusing and need to be fully evaluated as part of the protocol and review prep process.

Invariably, someone will notice that there are just a few too many tags. The list is getting long. In an effort to improve things, they’ll start trimming “unnecessary” choices. For many, the first to go is “Not Privileged”. For some reason, the same people never seem to be willing to cut their six different privilege subtags.

Affirmative Tags like “Not Privileged” are an absolute necessity. They help ensure the document receives a full and considered review. Without requiring a call on an important section like privilege, it’s far too easy for a fast-paced reviewer to short-circuit their analysis and move to the next document.

This lesson was driven home on one of my first reviews.

I was reviewing in a converted storage space at with a team of reviewers who had been working at the same large law firm for quite some time. While our instructions were to tag all applicable documents as privileged, regardless of responsiveness, far too many team members let the analysis slide on non-responsive documents. In the firm’s normal coding instructions, priv calls were not required on non-responsive families. This review was being conducted in conjunction with a second firm, though, and the instructions in the matter were different.

Someone removed the “Not Privileged” tag during the setup process. This prevented the platform vendor from requiring a priv call on every document, setting up a dangerous situation where the calls were not being reliably made. It didn’t help that the priv section required scrolling to the very bottom of a very lengthy coding form in a low-responsiveness matter. Sometimes people would remember to tag the priv call if highlighting made it clear that a document required, but many didn’t bother with the non-responsive documents. I fear some may not have remembered to look out for non-highlighted concerns even on responsive docs.

After several productions had been made, an updated request was received. The request was easily resolved with a quick database search (it may have been as simple as “all documents between Person X and Person Y during Month Z”) and the review team had already examined the documents. Without circulating the documents back through review, the search was run and the population bundled into a production. What had previously been a non-responsive population of documents contained several privilege landmines, none of which had been tagged as such. Without the required affirmative call, it was far too easy for the team to miss the (seemingly unnecessary) coding.

Fortunately, the issue was spotted before the production went out. A quick privilege review was conducted and a non-trivial number of documents changed. The result could easily have been far different.

When setting up coding options, fight to keep the affirmative calls, even if they seem redundant or unnecessary to some. If your platform supports, enforce a coding constraint that requires the tag to be applied before moving to the next document. Doing so will improve coding accuracy.

July 22, 2013

Django for Reporting

Generating reports and logging data is a common but necessary task for all project managers. When dealing with eDiscovery, the task can quickly grow out of hand. Populations, progress, errors, deadlines, billing and all sorts of other information must be easily accessible to those managing the matter. Without the right data, you can’t work efficiently.

Often, managers will resort to using a complicated series of spreadsheets. This works well for simple needs, but soon one discovers that different audiences require varying levels of detail. Data collected in one place needs to be interpreted somewhere else. Repeatedly entering the same information in different places (with varying degrees of accuracy and update frequency) often ends up with poor data quality. At best, it’s a pain point. At worst, people give up on monitoring a complex project.

I coped with these issues first by automating some of my more basic spreadsheets. Using VBA, it was possible to reduce some duplicative data entry and make things a bit easier. But, requests for new features continued to grow.

That’s when I started looking toward a more comprehensive solution. While my workplace has an in-house development team to support many of our needs, I found myself wanting specific things to meet my workflow or a one-off need. I soon found myself creating web-based Django applications.

Django is a web framework for Python that has a simple, yet powerful administrative interface baked in. After defining a data model (similar to outlining the fields you want on a spreadsheet), one can quickly activate the admin backend and get to work adding and working with data, even before the public views and templates are finished.

Django allows projects to consist of small, task-focused apps. Start your first one by converting an existing spreadsheet into a web app. For example, I started with our running list of reviewers and augmented my existing data with historical information from past projects, new contact details and even grabbed photos from LinkedIn and other sources. From there, it was easy to start a separate app to monitor daily project metrics. Once you have the data accessible in a central database, the possibilities become endless.

Similar frameworks exist for other languages – I’ve long been a fan of CodeIgniter with PHP, for example, but the Python / Django combination is easy to learn and quickly use. Few come with anything matching the power of Django’s built-in admin.

Python itself is a huge help for eDiscovery. Often, work with loadfiles or other data exports requires string manipulation or other simple database tasks. Python can easily work with these export formats and correct issues or provide an interactive interface for analysis. Once you’ve mastered the basics of the language, a weekend spent with the Django tutorial makes moving to web-based apps easy.

If you’re looking to learn to use these tools, I highly recommend the following progression:

From there, you’ll naturally find your way to other resources like Stack Overflow, all of which provide a community of helpful people willing to offer assistance with your questions.

Programming is an almost essential skill for those working in eDiscovery. The time invested in learning to effectively use a language like Python will pay huge dividends.

Django Con Source Code Image courtesy of Yashh.
June 26, 2013

Criminal and Governmental eDiscovery

Justin Murphy of Crowell & Moring in D.C. recently published an article on dealing with electronically stored information (ESI) for criminal defendants, prosecutors and defense attorneys. He notes, as have many working to produce information to the government, that some of the protections against discovery abuses found in the civil context have not yet developed in governmental investigations and criminal matters. Indeed, these types of eDiscovery projects can be incredibly expensive, complex and time consuming.

An interesting approach to considering search and seizure of ESI taken in his article:

With collection of ESI via a search warrant, it is helpful to think of it as two searches and seizures. First, there is a search of the place specified in the warrant. Over-seizure of ESI is often the result because of the practical realities of on-site searches of large volumes of data, and the fact that files can be readily disguised and intermingled with other personal and/or irrelevant data. Courts have acknowledged and seemingly accepted the need to over-seize in the “first” search and seizure. The second search and seizure usually takes place at law enforcement offices where agents search for and seize data from the “warehouse” of ESI they previously seized.

The debate rises from the second search and seizure – by over-seizing ESI, the government has created a risk that every ESI warrant will be a general warrant, and that the plain view exception to the Fourth Amendment will be rendered meaningless. Courts have questioned how much they should be involved in controlling the government’s conduct of the second search and seizure, whether or not computers deserve special treatment in digital evidence cases, or whether they are analogous to more traditional document containers, such as filing cabinets.

Mr. Murphy covers the basics of the Joint Federal Criminal E-Discovery Protocol, as well as evidence from cell phones, GPS devices, social media and encryption. For those dealing with criminal or investigatory eDiscovery needs, his article is worth a look.

Seized computer image courtesy of West Midlands Police.
Newer Posts
Older Posts