Litigation Readiness: A Practical Approach to Electronic Discovery

Litigation Readiness This page intentionally left blank Litigation Readiness A Practical Approach to Electronic Dis...

Author: Prashant Dubey | Sam Panarella

34 downloads 664 Views 697KB Size Report

This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!

Report copyright / DMCA form

DOWNLOAD PDF

Litigation Readiness

This page intentionally left blank

Litigation Readiness A Practical Approach to Electronic Discovery

Prashant Dubey and Sam Panarella

1

1 Oxford University Press, Inc., publishes works that further Oxford University’s objective of excellence in research, scholarship, and education. Oxford New York Auckland Cape Town Dar es Salaam Hong Kong Karachi Kuala Lumpur Madrid Melbourne Mexico City Nairobi New Delhi Shanghai Taipei Toronto With oﬃces in Argentina Austria Brazil Chile Czech Republic France Greece Guatemala Hungary Italy Japan Poland Portugal Singapore South Korea Switzerland Thailand Turkey Ukraine Vietnam

Copyright © 2011 by Oxford University Press, Inc. Published by Oxford University Press, Inc. 198 Madison Avenue, New York, New York 10016 Oxford is a registered trademark of Oxford University Press Oxford University Press is a registered trademark of Oxford University Press, Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior permission of Oxford University Press, Inc. ______________________________________________ Library of Congress Cataloging-in-Publication Data Dubey, Prashant. Litigation readiness : a practical approach to electronic discovery / Prashant Dubey, Sam Panarella. p. cm. Includes bibliographical references and index. ISBN 978-0-19-538407-9 ((pbk.) : alk. paper) 1. Electronic discovery (Law)—United States. 2. Electronic discovery (Law) I. Panarella, Sam. II. Title. KF8902.E42D83 2011 347.73’072—dc22 2010037536 ______________________________________________ 1 2 3 4 5 6 7 8 9 Printed in the United States of America on acid-free paper Note to Readers This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is based upon sources believed to be accurate and reliable and is intended to be current as of the time it was written. It is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If legal advice or other expert assistance is required, the services of a competent professional person should be sought. Also, to conﬁrm that the information has not been aﬀected or changed by recent developments, traditional legal research techniques should be used, including checking primary sources where appropriate. (Based on the Declaration of Principles jointly adopted by a Committee of the American Bar Association and a Committee of Publishers and Associations.)

You may order this or any other Oxford University Press publication by visiting the Oxford University Press website at www.oup.com

C ONTEN TS

Foreword xiii xix Introduction 1. A Framework for Litigation Readiness 3 1.01. An Organized Business Process—Five Key Components 3 [A] Components of a Business Process 4 [1] People 4 [2] Process 5 [3] Technology/Tools 6 [4] Management Controls 7 [5] Metrics 7 1.02. The Consequences of a Lack of Business Process 8 [A] Risk, Cost, and Cycle Time 8 [1] Risk 8 [2] Cost 8 [3] Cycle Time 9 1.03. The Business Process of Litigation 9 [A] The Mechanics Behind Good Lawyering 9 [B] The Six (+2) Basics of E-discovery 10 [1] Identiﬁcation 10 [2] Preservation 12 [3] Collection 14 [4] Processing 14 [5] Review 15 [6] Production 16 1.04. Decision Framework to Support Discovery Process 16 [A] Balancing Cost, Risk, and Cycle Time 16 1.05. Guiding Principles 17 [A] Narrative Plans Fall Short 18

[B] Create a Plan People Will Use 18 [C] Perfection Not Required—Just Good Enough Is Preferred

19

2. A Business Process for Litigation Readiness 22 2.01. A Foundation for Continuous Improvement: Assessment, Planning, Implementation, and Embedding 22 2.02. Planning + Execution = Success 23 2.03. Four Steps to the Business Process 23 2.04. Big Bang vs. Iterative Approach—The Technology Elixir 23 2.05. Continuous Improvement Focus 24 2.06. Assessment as a Basis for Establishing Proportionality 24 2.07. A Balance Sheet Look at Litigation Readiness 25 2.08. Assessment as Mineﬁeld 25 2.09. What Makes You Special? 26 2.10. Discovery Response Planning vs. Discovery Response Plan 26 2.11. Internalizing Your Culture 27 2.12. Implementation: 5 Parts People, 1 Part Tools 27 2.13. The People Factor in Litigation Readiness 28 2.14. Embedding: Back to the Basics of Change Management 28 2.15. Outside Counsel Role in Litigation Readiness—Bring the Outsider In 29 2.16. Choosing the Right Outside Counsel 29 2.17. Horizontal vs. Vertical Expertise 30 2.18. Get Outside Counsel Involved Early 30 3. Assessment, Part I: The Fabric of Introspection 32 3.01. A Parable 32 3.02. Self-Assessment 33 3.03. Understand Cost Proportionality 34 3.04. Assessing Discovery Intensity 34 3.05. Company and Industry Litigation Proﬁles 35 3.06. Identifying the Risks—In Just Good Enough Style 3.07. Corporate Cultural Shift Required 37 3.08. Confronting Reality 37 3.09. Paper Trails and Tigers Only, Please 39 3.10. Assessing Current Practice/Process—Documenting the Gaps 39 3.11. ESI Content Map Deﬁned 40 3.12. Assessment Should Be Broad-Based 40 3.13. Knowing Thyself 41

[ vi ] Contents

36

3.14. Is the Assessment Discoverable? 41 3.15. Human Dynamics Foundation for Embedding Process—Get Your Cohorts Talking to Each Other 42 3.16. Defensibly Diverse Processes 42 3.17. The Linear/Nonlinear Process 43 3.18. Relearning Your Job 43 3.19. Trust Your Employees 44 4. Assessment, Part II: Internalizing Introspection—Metrics, Gaps, and Assimilation 46 4.01. Measuring for E-discovery Mastery 46 4.02. Baby Steps 46 4.03. Ad Hoc to Value Added 47 4.04. Setting a Baseline for Litigation Readiness 48 4.05. Questioning the Way Things Are Done 48 4.06. Real Gaps, Real Consequences—People, Process, and 49 Technology Gaps 4.07. Risks in Preservation 49 4.08. Creating a Framework for Risk Proﬁle 50 4.09. The Story in Data 51 4.10. Drilling Down to Find the Gaps 51 4.11. Assimilating and Interpreting the Results—Secret 52 Sauce [A] Better, Faster, Cheaper 53 [B] What Is “Just Good Enough”? 53 [C] Good Enough = Good Faith 54 [D] Achieving Proportionality 55 [E] Predictable, Defensible 55 4.12. Taking Action 56 [A] Much Ado About Nothing? 56 [B] Nonbelievers Unmasked 56 [C] Action = Desired Outcomes 57 [D] Mix in a Little Politics 57 [E] Distributing Ownership 58 [F] Truth Telling 59 5. Process of Planning Precedes Permanence of Plan—aka Change Management 60 5.01. Planning Begins with Introspection: Socializing the Assessment Results 60 5.02. The Urgency behind Socialization 60

Contents [ vii ]

5.03. As the Wheels Turn 61 5.04. Threat or Opportunity? 61 5.05. Elements of Socialization 62 5.06. Taking the First Step: What Comes First, Risk or Cost? 63 Striking the Balance [A] Risk vs. Cost Gaps 63 [B] Documenting the Documentation Philosophy—Don’t Fear 64 the Old Plan [C] The Urgency to Recognize the Inevitable 64 5.07. Taking the Organization’s Temperature—Place It under Your 65 Tongue and Stay Still 5.08. Is 100 Percent Required? 65 5.09. Discoverability of the Plan 66 5.10. Purpose of the Plan 66 5.11. Wiggle Room in Policy, Process/Plan, Protocol: Deﬁning “Plan” 67 5.12. The Three “Ps” 67 [A] Process/Plan 68 [B] Protocol 68 [C] Policy 69 5.13. Time to Build Your Planning Team—Charter, Staﬃng, and Operating Principles 70 [A] Look Internally for Inspiration 70 [B] Setting the Tone 70 [C] Choosing Key Players 71 5.14. Executive Sponsorship vs. Executive Involvement 71 [A] Demonstrating Top-Tier Commitment 71 [B] Communicating the Commitment 71 [C] Composition of the Team 72 [D] Make It Real 72 6. The Discovery Response Process & Plan 74 6.01. The Essential Elements of the Discovery Response Plan 6.02. Organized Business Process 74 6.03. The Eight Steps to Electronic Discovery Success 75 [A] Matter Initiation 75 [B] Identiﬁcation 76 [C] Preservation 76 [1] Common Legal Hold Mistakes 77 [2] Best Practices in Legal Holds 77

[ viii ] Contents

74

[D] Collection 77 [E] Early Evidence Assessment 78 [F] Processing 78 [G] Review 78 [H] Production 79 6.04. The Details of Discovery: Dissecting Areas of Greatest Opportunity 79 [A] Nailing the IPC 79 6.05. The Players, the Tools, the Controls, and the Measurements 80 [A] Empowering Your People 80 [B] The People. . . Continued 81 6.06. Tools and Technology 83 [A] Software: Buy or Rent? 83 6.07. Measuring Litigation Readiness 84 [A] Gap Analysis 84 [B] Format/Presentation of the Discovery Response Plan 84 [C] Outside Counsel Guidance 85 6.08. Views on Discoverability 86 6.09. Getting the Message to the Troops 87 6.10. Hard Copy with Intranet Support 87 6.11. Keep, Start, Stop 88 7. Establishing a Litigation Response Team 89 7.01. Deﬁning the Oﬃce of Discovery Counsel 89 [A] The Beneﬁts of the Discovery Counsel 89 [B] Liaison Status 90 [C] Key Team Leader 91 [D] Related Beneﬁts of the Position 91 [E] Deﬁning the Role of Discovery Response Manager 92 7.02. Building the Team from the Ground Up 92 [A] Obstacles to Building Your Team 92 7.03. The Response Team Pyramid 93 [A] Oﬃce of Discovery Counsel 93 7.04. Team Structures and Constituencies 94 7.05. Be Speciﬁc 94 7.06. Key Steps for Building Your Team 95 7.07. What Does a Charter Look Like? 95

Contents [ ix ]

7.08. How E-discovery Is Changing the Landscape [A] Job-Producing Engine 96 [B] Tasks and Workﬂow 96 [C] Change and the Discovery Response Team 97

96

8. Implementation of the Litigation Readiness Program 98 8.01. Constituencies and Takeaways 98 [A] Catch the Litigation Readiness Buzz 98 8.02. Critical Team Takeaways 99 8.03. The Unknown: Key to Mastering the Inevitable 100 [A] Accept and Comply 100 [B] Mastering the Legal Hold Notice 101 8.04. Marketing the Program 103 [A] Crafting Communications 103 [B] The Sales Pitch 103 8.05. The Layers of the Litigation Readiness Onion 104 8.06. The Litigation Readiness Launch 105 8.07. Orbiting Around the Initiative 105 8.08. Keeping the Initiative in the News 106 8.09. Litigation Readiness as Corporate Change Agent 106 [A] A Package of Change 106 [B] Goes Well with Reinvention 106 8.10. Communicating the Outcomes of Litigation Readiness 107 [A] Sharing Outcomes 107 9. Embedding the Program 109 9.01. Guiding Principles to Embed the Initiative 109 9.02. Don’t Reinvent the Invented 109 9.03. Selling Litigation Readiness: Consensus, Not 110 Command 9.04. Your Studio Audience Includes 110 9.05. Others at the Table 111 9.06. Key Points to Communicate 112 9.07. Follow-up to the Big Show 112 9.08. Has Litigation Readiness Embedding Occurred? 114 9.09. The Tipping Point 115 9.10. Putting the Plan into Action 115 9.11. Steps to 26(f) Success 115 9.12. Updating Your Plan 117

[ x ] Contents

10. Litigation Readiness: Gateway to Information 119 Governance Nirvana 10.01. Redeﬁning a Critical Business Practice 119 10.02. Keeping up with Data Creation 119 10.03. Battling the Gigabyte 120 10.04. Deﬁning the New Information Governance 120 [A] Striking the Balance 120 10.05. Steps to Mastering Information Governance 120 [A] Practicing Information Governance for E-discovery 121 10.06. Discovery Dysfunction 122 10.07. 90 Percent Organization 122 10.08. The 80 Percent Solution 123 10.09. The General Liability Test 123 10.10. Prioritize and Prosper 124 10.11. Ascension of the CIO 124 [A] Evolution of the CIO 124 10.12. The CIO’s Next Frontier 125 10.13. The CFOs Take Their Shot 125 10.14. CIO/GC: Joined at the Hip 126 10.15. Elevated CIO Signals Good Governance 126 10.16. Rewards of Mastery 127 Index

129

Contents [ xi ]

This page intentionally left blank

F OR EWOR D

LETTING GO OF THE MYTHS

As battle-scarred veterans of some of the very earliest e-discovery (electronic discovery) wars, we can sometimes come across as unnaturally obsessed with this seemingly esoteric phase of litigation. But we happily suﬀer the slings and arrows from the uninformed, because what they fail to appreciate are the truly fascinating intellectual challenges and human dynamics inherent in the e-discovery process. For most, alas, the land of e-discovery can be a very unpleasant place to ﬁnd yourself. Actually, that’s not entirely true. Over the past decade, e-discovery has morphed from the tactical domain of ﬁnding and producing to an adversary in litigation relevant electronic documents, to a multidimensional information governance challenge that blends information technology, legal, compliance, records management, and core business processes. E-discovery touches almost everyone in a company. One of us is not a lawyer (and does not play one on TV). He has spent the past twenty-three years working as a corporate line manager, a strategy consultant to large corporations, and as an operating executive in corporations, large, medium, and small. This gives him a slight advantage over the law-ﬁrm-born-and-bred litigators when it comes to the e-discovery obsession, because he knows ﬁrst-hand how corporations work (and don’t work), as well as what the phrase “corporate culture” implies. The other one of us is a lawyer (though, again, not on TV). After a decade of big ﬁrm training, he has spent years applying his legal expertise directly to corporations to help them tackle some of the most pernicious challenges of e-discovery and information governance. In tandem we know what to expect when a complex organization faces an aggressive request to produce documents—a disorganized, panic-driven, and mad scramble to try to ﬁgure out where the company’s electronically stored information (ESI) is and which pieces of data among the millions

that could be responsive are truly responsive. Well, at least that is how it was . . . back in the day. Back before we started socializing the concept of “litigation readiness.” In the late 90s, when companies starting facing requests for ESI (referred to as e-documents at that time), the requisite response was similar to the one when the company was asked for paper documents. The company would look for the documents in the usual places (in the case of paper, the ﬁling cabinets of employees and central document storage warehouses), organize, and code them, then produce to the adversary the responsive nonprivileged items. The challenge with transposing this approach to ESI was that the ﬁling cabinet was the employee’s computer (or computers), and the central document storage warehouse was a complex, multitiered, distributed information technology infrastructure that was overwhelming for lawyers to navigate, much less understand. Fast-forward to 2011. Lawyers are technocrats, technocrats talk legal, and compliance, governance and business people are surrounded by risk management checks and balances in all their communications. We wrote a book entitled Litigation Readiness: Mastering the Inevitable back in 2003. Little did we know how prescient we would feel in 2011 when there is a healthy awareness—in the United States in particular, and rapidly increasing outside of the United States—of the need for companies to prepare for responding to requests for ESI. However, our work here is far from done. As such, we have authored this book to provide a current view on the “state of the litigation readiness state” and further our mission to ensure that companies do not feel like the ESI tail is wagging the discovery dog. For those reading this book who have yet to be fully initiated into the complexities of meeting a demand to produce ESI as part of a lawsuit, investigation, subpoena, inquiry, regulatory reporting obligation, or merger and acquisition, we wish to impart two very important truths: 1. The process that we call “e-discovery”—combing the corporate electronic universe for relevant ESI in response to an internal or external request—is an inevitable part of doing business in the twenty-ﬁrst century. As much as you might wish it were not so, the discovery/disclosure process has been changed forever by the ﬁgurative mountains of ESI created every second of every day by companies across the world. 2. E-discovery can be mastered. This mastery is what we call “litigation readiness,” and it will serve you extremely well in coming to grips with the ﬁrst truth. This book is dedicated to helping your organization embrace litigation readiness as a core competency. You’ll be glad you did.

[ xiv ] Foreword

This book will lead you into the sometimes dark forest of e-discovery and, if we do our job well, will provide the bread crumbs that will assist you in navigating its byzantine paths. Perhaps more important, we will also do our best to construct blinking signposts for you demarcating the paths that should be avoided at all costs. Before we begin this journey toward mastery of e-discovery, we need to dispel some generally accepted myths about this discipline. Perhaps you have had some limited experience with discovery in the electronic age. Or maybe you’ve read some articles about the subject, or eavesdropped on discussions among lawyers who have survived the process. Most corporate counsel and outside counsel engaged in discovery (which is almost every litigator today), information technology mavens, and others substantively or peripherally involved in discovery subscribe to some or all of the following myths about e-discovery.

Myth #1: E-discovery is just like regular discovery. The problem is overblown!

Reality: E-discovery is not just like regular (aka paper) discovery. To produce paper for litigation, a lawyer has to locate discrete documents, Bates stamp them, put them in a box (after conducting a proper privilege and relevance review), and ship that box to opposing counsel. ESI is fundamentally diﬀerent from paper in many crucial ways. Consider: • In the modern business environment, data resides on multiple computers, systems, and databases within a single company. • An original piece of electronic data can easily morph into multiple copies of the same data or document, subject to manipulation by diﬀerent people at diﬀerent points in time. • Electronic data is often amorphous, not made up of discrete documents or even discrete pieces of information, but bits and bytes that are constantly changing and being updated, often linked together from multiple sources. • The sheer units of electronic data—documents, emails, text messages, voice messages, transaction data in databases, and more—that compose the universe that must be searched in discovery can easily run into the hundreds of thousands, millions, and yes . . . even billions. An entirely new expertise is required to conduct such a search. It is often diﬃcult to identify what ESI is potentially relevant in the ﬁrst place, diﬃcult to lock it down, and diﬃcult to collect it in a legally defensible

Foreword [ xv ]

way while maintaining protocols that preserve all the electronic data in its naturally occurring state. The same cannot be said of paper. So say goodbye to Myth #1.

Myth # 2: Only litigators need to worry about e-discovery.

Reality: All business lawyers, litigators, and investigators (and of course their clients) are on the hook for e-discovery. Even small family law cases have been taken over by electronic evidence, as wronged spouses and others look for evidence on home computers, cell phones, and other devices.1 Many lawyers have been slow to respond to the requirements of e-discovery, particularly the technical components. Others attempt to avoid the issue altogether. Gone are the days of the “gentlemen’s agreement” with opposing counsel to simply ignore the ESI problem and stick to testimony or other forms of evidence. Times, and regulations regarding discovery, have changed. There’s no going back.

Myth #3: Only lawyers with a technical background can understand the intricacies of producing electronic records.

Reality: This one is actually good news for lawyers, because the challenge is not a technical one alone, but also one of business process. While there is inherent technical complexity associated with identifying, preserving, and collecting ESI, e-discovery is not merely, or even primarily, a technology challenge. The people and process aspects are equally as important as the technical challenges. Lawyers should take solace in this. Discovery success today, even if driven by ESI, still hinges on a lawyer’s ability to have people work together within the framework of an organized process to ensure that discovery obligations are fulﬁlled. Furthermore, the core elements of the practice of law—focusing on issues, arguments, claims, and defenses—are the principal basis upon which e-discovery should be conducted. Sound like paper discovery? In this sense, it is.

1. For more evidence of how important ESI is to small cases, consider Lorraine v. Markel American Insurance Co. 241 F.R.D. 534 (D.Md. May 4, 2007). Because both sides in this insurance case over a damaged boat failed to oﬀer electronic evidence to support their motions, the court denied a motion for summary judgment.

[ xvi ] Foreword

Myth #4: Only big cases involve e-discovery.

Reality: The ﬂoodgates of e-discovery–related case law and, ultimately, regulation were opened by what is now colloquially referred to as “the Zubulake case2,” which should have been a relatively straightforward employment discrimination suit. When the court found that UBS Warburg had mishandled the relevant electronic data, the jury was given an adverse inference instruction (where the jury is instructed that any evidence not submitted by a party should be assumed to be adverse to the party) against the ﬁnancial services company, which certainly inﬂuenced the multimillion dollar award against them. No case is too small for e-discovery to potentially play a signiﬁcant role.

Myth #5: The Information Technology (IT) group will take care of the “hard” part of e-discovery. I just need to explain in lawyerly terms what evidence I want and when I want it.

Reality: Unfortunately, many a productive legal and IT department working relationship has been dashed on the rocks of this myth. While the typical IT professional within a company is a service-oriented professional with strong technical skills and good familiarity with the manner in which ESI is managed within the company, he is not a miracle worker and possesses no special powers to divine what ESI is relevant to a particular legal matter. In other words, IT can help you meet your e-discovery obligations, but will require clear and speciﬁc requirements from you to be eﬀective. To do this, you need to know how the IT function works. That’s not to say lawyers need to be IT experts. But they do need to learn the lexicon of IT and the basic inner workings of a function that, at its core, operates very diﬀerently than the typical in-house legal department. This requires a collaborative conversation rather than a dogmatic, dictatorial approach. To master e-discovery, lawyers and legal support professionals must truly partner with IT. Often, lawyers have found that instead of playing the role of conduit to IT, it is easier to use external resources or place someone in a role of “translation layer” between the legal and IT departments. More on this later in the book. We will return to the issues raised by each of these myths as we progress through this book. But as you let go of the myths, work at tightening your mental grip on the two truths with which our journey began: E-discovery is

2. Zubulake v. UBS Warburg LLC, 220 F.R.D. 212 (S.D.N.Y. 2003).

Foreword [ xvii ]

inevitable, and it can be mastered through litigation readiness. In fact, it must be mastered if your organization is to remain competitive. As we stated in the recent book, eDiscovery for Corporate Counsel 3, . . . In-house counsel in many companies are realizing that in order to conduct proper fact and document discovery (a foundational element of the American judicial system), it is imperative that they are knowledgeable about how to identify, preserve, collect, review and produce ESI that could become part of the pool of evidence in a matter. Furthermore, these lawyers are realizing that it is also very likely that a process for eﬃciently and defensibly dealing with the large amounts of ESI in their companies could aid in ﬁnding documents that could be exculpatory and therefore help their cause.

3. eDiscovery for Corporate Counsel, 2010 ed. (West).

[ xviii ]

Foreword

I NTR O DUCTION

LITIGATION READINESS: INITIATIVE TO MASTER THE INEVITABLE

There is something in the DNA of the legal profession that gloriﬁes and perpetuates the image of lawyer as David. But instead of a rock and sling, the hero lawyer engages his Goliath of the moment armed only with his wits and cunning. The glory of the victory is made all the more profound by the paucity of resources and time available to the lawyer when the battle is joined. It’s the stuﬀ of movies and of many a war story told at law ﬁrm retreats. And it’s no wonder—many of today’s lawyers applied to law school with images of Atticus Finch (or for the younger set, Tom Cruise) dancing in their heads. The out-gunned, over-matched lawyer who nevertheless prevails is a character trope as familiar to many of us as the square-jawed drill sergeant or the empty-headed blonde. Who wouldn’t want to be “that guy”? Today, in some part due to this hero mentality, lawyers in corporations or public sector organizations too often place themselves in the position of litigator-ﬁreﬁghter. Rather than acting as responsible stewards of their legal portfolios, they are instead galvanized by a sudden emergency and forced to respond to a crisis as it arises. Not surprisingly, the Hollywood ending is mostly elusive and the results of these “just in time” responses are stress, wasted money, and unacceptable risks. Too often the best a lawyer feels he can achieve is the use of controlled burns to manage the time, cost, and risks of litigation and discovery. It often seems as though there is neither the time nor the incentive to focus on preventing the next ﬁre. While it’s true that a very small number of in-house lawyers have positioned their corporate legal departments as revenue rather than cost centers by being proactive, for the most part the behavior of in-house litigation lawyers is reactive. The reasons for this reactive behavior are structural as well as cultural. Litigation and other events that trigger discovery are inherently unpredictable, even for companies where litigation is common. Even if the intensity

of litigation (i.e., average number of matters per annum) can be predicted, the timing of the ﬁling of the complaint or the overall timing of events in a matter (often driven by the jurisdiction and the temperament and scheduling approach of the presiding judge) is impossible to predict. Further, the ultimate measure of a good litigator is still her ability to create a favorable outcome in the case. Rarely is this desired outcome one where the company loses the case but comes in under budget. Fireﬁghting is built into the fabric and the ethos of litigators and others responsible for managing matters that trigger discovery.

REACTIVE VS. RESPONSIVE LAWYERING

Because lawyers are often measured by their ability to react to litigation as quickly and decisively as possible, and to ﬁght pitched defensive battles only when there is no other choice, they believe they have little time or ability to take anything but a retrospective approach to process improvement. Lawyers rarely spend their time constructing proactive responses to situations before they arise, even where, as is the case with e-discovery, a proactive approach is precisely what is required to respond eﬀectively.

DISCOVERY AFTER ESI

In the American justice system, the process of “discovery” is meant to enable the parties to the matter to base their arguments on facts rather than conjecture. The basis for much of this fact-based work is the exchange of documents, paper or electronic, that may contain information relevant to the issues, arguments, claims, and defenses in the case. When the documents reside in an electronic format, they are referred to as electronically stored information (ESI), and the practice of discovery with ESI is referred to as “electronic discovery,” or “e-discovery.” In the early days of e-discovery (circa 2000–2004) paper documents converted to images/electronic format were also included as part of e-discovery, and the corpus of documents representing “paper and plastic” were referred to as “electronic documents.” In 2005, when the amendments to the Federal Rules of Civil Procedure governing discovery were being debated, the term electronically stored information was born. Discovery has been a formal part of litigation in the United States since 1938. But over the past decade, the complexity of conducting discovery has increased manifold due to the sheer volume of ESI that exists in organizations.

[ xx ] Introduction

These terabytes and often petabytes of data1 must now be considered part of the potential pool of responsive evidence in a typical litigation, which means it must be identiﬁed, preserved, searched, and, in some cases, produced to opposition. The impacts on the level of eﬀort and resources required to conduct discovery from the inclusion of ESI in the pool of potentially relevant evidence cannot be overstated. If pre-ESI discovery can be described as an eﬀort to ﬁnd a needle in a haystack, e-discovery is best described as searching for that same needle in a haystack the size of Mount Everest.

IMPACT OF ZUBULAKE ON DISCOVERY

One of the ﬁrst cases to shape e-discovery and therefore litigation practice was the now infamous Zubulake case.2 By all measures, this should have been a straightforward employment matter resulting in a quick resolution, but because of the presence of ESI, it became a seminal case demonstrating the tremendous impact e-discovery would have on litigation going forward. Laura Zubulake, an employee of banking giant UBS Warburg, informed UBS that she was considering ﬁling a discrimination action against the company. UBS Warburg decided to ﬁght her requests for discovery of electronic records because the company didn’t want to spend hundreds of thousands of dollars to produce electronic evidence from backup tapes. What should have been a relatively straightforward discrimination suit wound up taking years to wend its way through the courts. The case became a nightmare for UBS Warburg, which eventually was sanctioned by the court for failing to properly respond to Zubulake’s discovery requests. For the emerging ﬁeld of e-discovery, Zubulake provided several deﬁning moments. The case resulted in ﬁve separate rulings replete with several balancing tests, analysis, and orders just to determine which electronic data was discoverable, how the cost of discovering electronic records should be shared among parties, and whether sanctions should be imposed on the defendant for failing to produce evidence.

1. A terabyte is equivalent to 1000 gigabytes of date and a petabyte is 1000 terabytes. A gigabyte of data can contain over 100,000 printed pages. 2. Zubulake v. UBS Warburg , 217 F.R.D. 309 (S.D.N.Y. 2004).

Introduction [ xxi ]

BENCH AND BAR RESPOND TO ZUBULAKE

In large part as a result of the Zubulake decisions, judges around the country began to take notice of e-discovery and the profound role it could play in the heretofore relatively benign process of discovery in run-of-the-mill cases. U.S. Southern District of New York Magistrate Judge Shira Scheindlin, who authored the Zubulake decisions, became something of a celebrity within the profession for these decisions. Scheindlin made it clear that there were limits to what was discoverable, but the decision put in-house and private practice lawyers on notice that the days of pretending that there was nothing of value to be gained in searching through electronic data for potentially relevant evidence were over. E-discovery was here to stay. Spurred by Zubulake and other cases, the legal profession began to wake up to the immense burden of preserving and producing electronic business records for discovery. The legal profession, which had largely avoided the question for years, started to look for a solution. By 2005, the courts had made it clear that electronic records were now an unavoidable fact of life in discovery. The need for an organized business process for responding to e-discovery obligations was no longer abstract. And while cases like Zubulake were central to that awakening, the requirement for a business process– based approach to e-discovery applied to more than just litigation-related discovery. It also involves the identiﬁcation, preservation, collection, review, and production of ESI for all types of investigations, regulatory requests, and subpoenas.

FEDERAL RULES REFLECT E-DISCOVERY

Judges, lawyers, and lawmakers hashed out amendments to the Federal Rules of Civil Procedure (FRCP), setting out new rules for governing electronic discovery for cases litigated in federal court. By the standards of the legal profession, change came quickly. The amended FRCP went into eﬀect in December 2006, becoming the law of the land for matters litigated in federal courts. Many states have adopted rules governing e-discovery for matters litigated in their courts that are similar in most respects to the amended FRCP, and in states that have not updated their rules, it is best practice to consult the federal rules because many state court judges will consult them for guidance. Since the amendments to the FRCP governing e-discovery came into eﬀect, many litigants and their outside counsel have been trying to determine if the amended rules portend disaster, or are just a lot of noise and of

[ xxii ] Introduction

little real consequence. As with many such matters, the truth lies somewhere in between.

LAWYERS STILL LEAD IN THE ESI ERA

Lawyers have been grappling with the scope of the problem of ESI in litigation and discovery for almost ﬁfteen years. Many lawyers initially felt out of their league; viewing ESI and its place in discovery as a technical morass that they could not hope (and certainly did not desire) to navigate. While overblown in most cases, it is undeniable that the addition of ESI to traditional paper-based discovery has made the process more technical and has heightened the need for lawyers to have at least a basic understanding of how ESI is created, stored, searched, collected, and processed for production to the opposing party. That being said, the advent of e-discovery has not and should not relegate lawyers to the status of mere observers of the technical machinations required to conduct it. In fact, the lawyer’s role in the age of e-discovery is more important than ever. Despite a new information technology-centric focus of litigation, stimulated by e-discovery, the issues in a case, rules of evidence, understanding of case law, and all of the fundamentals of dispute resolution learned in law school and honed through years of practice are still the foundation of litigation. While it’s true that ESI adds a new—and often confusing to lawyers—dimension to discovery, the fundamental aspects and purposes behind discovery are unchanged. When the discovery phase of litigation kicks in, the lawyer who behaves as if he is a mere observer of computer experts who will “deal with” the digital mountains of ESI is failing to do his job. Instead, the lawyer must get engaged at the beginning of the e-discovery process and stay engaged throughout. It is only through that early and constant engagement that the lawyer can bring to bear his analytical skills and legal acumen to ensure success.

DISCOVERY MUST BOW TO OVERALL STRATEGY

Lawyers must ensure that the work done by the information technology (IT) professionals in a case is always done within the context of the case. The intensity with which e-discovery–related arguments can be conducted should be dictated by the legal strategy created for the case. Put another way, the technical tail should not be permitted to wag the legal dog.

Introduction [ xxiii ]

A number of inﬂuential court rulings have held outside counsel directly accountable for the behavior of their corporate clients and their IT staﬀ when conducting electronic discovery.3 It is critical that no matter how technical and computer-bound the evidence in a dispute may be, lawyers, businesspeople, and all staﬀ involved maintain a solid grounding in the business and legal context of the case.

WHAT THE NEW WORLD LOOKS LIKE

Why are electronic records such a confounding problem for litigation? Many trials now involve many gigabytes, even terabytes, of ESI. To understand the issue, consider some of the non-network (translation: not centrally stored and managed by the IT department) repositories where relevant data may reside: cell phones, laptops, personal digital assistants, removable USB drives, and iPads. Add to this the new frontier of software as a service-based applications: Twitter, Facebook, LinkedIn, and any other social networking sandbox accessed by employees via a corporate computer, reaching across a corporate network on a daily if not hourly basis. It is noteworthy that we leapt to references of social networking and hosted software models, rather than refer to the more familiar electronic discovery bugaboo of personal email accounts like Yahoo and Gmail. We did this because we believe that by the time you are reading this book, data stored “in the cloud” will be just as pernicious as personal email communications from an e-discovery perspective. Each of these sources carries hundreds of gigabytes of digital data, equivalent to tens of millions of printed pages. Within this data are communications and correspondence, musings, postings, and revelations that contain countless insights, innuendos, allegations, and even hard evidence. Little more than a decade ago, the average business person was weighted down by nothing more than a pile of paper documents in a briefcase. Today, that same person is likely carrying around in a ﬂash drive in their pocket many times more data than was present in those paper documents. Your adversary may demand during discovery that you search all these storage devices for relevant documents. It is a diﬃcult problem for any legal team to handle.

3. See, e.g., Qualcomm Inc. v. Broadcom Corp., No. 05-CV-1958-B (BLM) (SD Cal. Aug. 13, 2007) (Defendant’s lawyers were sanctioned for their client’s failure to produce relevant ESI).

[ xxiv ] Introduction

In one piece of tobacco litigation, United States v. Philip Morris,4 the plaintiﬀ ’s request to produce documents ﬁled on the defendant consisted of 1,726 paragraphs of detailed instructions, listing in mind-numbing detail every conceivable type of data and potential storage places for same. In the same case, the federal government was asked to preserve 20 million email records that would need to be searched for relevance to the issues in the case. Even with twenty-ﬁve full-time government archivists working on the case utilizing computer search technology, the team was barely able to manage the task.

DISCOVERY AS END GAME

In some litigation, ESI has become such a burden, so frustratingly diﬃcult and expensive to deal with in discovery, that observers have openly worried that more defendants will choose to settle rather than properly defend themselves by litigating meritorious cases through trial. Furthermore, there is a fear that nonmeritorious cases will live well beyond their natural half-life due to the threat of e-discovery process missteps being brought to light by an aggressive opponent. This is not an issue just for defendants. In business-to-business civil litigation, plaintiﬀs who have a legitimate claim may be thwarted by fears that their opponents can use the threat of the e-discovery nuclear option to get the plaintiﬀ to back oﬀ their claims. For example, in pharmaceutical intellectual property litigation, many commercial companies are suing competitors developing and marketing generic pharmaceuticals that are allegedly infringing on the commercial companies’ patents. This is a serious business issue for commercial pharmaceutical companies, who are seeing their patents nearing the end of their protectable lives. However, many of the generic pharmaceutical companies are not as document-intensive as the commercial companies, and may also be based in countries that have data privacy rules that prevent a wide-ranging American-style discovery eﬀort to be used against them. As such, the generic drug company’s ability to be aggressive in e-discovery may be much greater than the commercial company since they don’t fear “mutually assured destruction.” Daunted by the potential cost of identifying, preserving, collecting, and producing ESI (not to mention possible sanctions for failure to preserve and produce

4. United States v. Philip Morris USA, 449 F.Supp.2d 1 (D.D.C. 2006).

Introduction [ xxv ]

responsive documents), litigants often choose the safer, less risky, and more quantiﬁable route of settlement. But wait, you say, balancing cost and risk is nothing new for lawyers. That’s true. However, the sheer scope and scale of ESI today creates a fear of discovery that gives this phase of litigation end-game status. As e-discovery consultants, we’ve worked with dozens of organizations on this issue. When we sit down with corporate counsel and others within a company who regularly respond to litigation requests and look at their processes, we have yet to ﬁnd a company whose litigation readiness is better than a C grade. (We will have much more in later chapters on how an assessment actually works.) Yet, Ari Kaplan Advisors in New York conducted a survey of corporate counsels in 2008 and found that 75 percent of the respondents ranked their organizations at a 7 or higher (on a scale of 10) for how well they respond to ESI requests. That indicates that either an honest self-appraisal isn’t happening at many organizations or that many corporate counsels are woefully misinformed about their true level of litigation and discovery readiness.

MANAGING ESI IN DISCOVERY

ESI has injected serious complications into the business world, regulatory enforcement, and, certainly, for litigants of all kinds. But it is important to understand that e-discovery is not just a problem for parties embroiled in a legal dispute, but for our whole system of justice. When formal discovery was introduced in the United States in 1938, its purpose was to ensure that arguments could be made and disputes resolved based on an accurate and shared factual record rather than on conjecture and incomplete truths. That original intent will be hard to meet, and justice will be more diﬃcult to achieve, if the complexities of ESI in litigation are not successfully managed. In order to continue to have a fact-based solution to regulatory, legal, and other disputes, lawyers, businesspeople, and IT professionals must manage discovery in a way that ﬁts the needs of modern businesses without becoming prohibitively expensive or complex. That is the ultimate purpose of this book: to outline a pragmatic approach to conducting discovery in the digital era without frustrating the original intent of discovery to foster the equitable and fact-based administration of justice.

[ xxvi ]

Introduction

Litigation Readiness

This page intentionally left blank

C HAPTER 1

A Framework for Litigation Readiness

T

he subject of this book—litigation readiness—will be an unknown concept to many nonlegal readers (as well as to some lawyer-readers looking for an introduction to this newfangled concept). Therefore it may be helpful to put litigation readiness in the context of W. Edwards Deming’s Total Quality Management process introduced into the United States in the 1970s, or the Workplace Safety & Health initiative that swept through corporations at about the same time. These were new concepts that required a process to be built from the ground up so that concept became reality as part of the organization’s culture. But conceptually, business processes are essentially the same. One modiﬁes a known template to meet the requirements of the new initiative. Litigation readiness can be broken down into its parts, taught to its implementers, understood in a general way by the workforce, and executed successfully if the proper business process is in place to facilitate the implementation. So let’s talk about how this can happen.

1.01. AN ORGANIZED BUSINESS PROCESS — FIVE KEY COMPONENTS

The practice of reengineering an existing business process or putting a new one in place starts with understanding what the term “business process” actually means. The buzz phrase “business process” has become almost as overused and useless as the phrase “paradigm shift.” The tragedy of this is that there is actually a fairly well accepted deﬁnition of a business process, which, if internalized properly, is very useful to promote a common understanding of a problem (and solution). The basic deﬁnition of business process is any set of related, structured activities, with inputs and outputs,

designed to achieve a goal, with people executing process steps enabled by tools and technology. Some of the nomenclature used to describe the components of a business process may vary, but the fundamental principles are the same. One useful way to think about business process is that if one doesn’t exist, it is very diﬃcult to articulate what work is being done, who is doing it, how it is being done, how it is being managed and measured, and what outputs/outcomes are expected. Over the years, we have consistently deﬁned a business process as having ﬁve key components: people, process, technology/tools, management controls, and metrics. These components are titled in descriptive fashion, so their deﬁnitions are fairly self-evident. Each component also has some nuances that are nontrivial—especially when considering that in organizations with thousands of employees and complex information systems and legal challenges, nuance abounds. In addition to the components of a business process, below we will outline the impacts on risk, cost, and cycle time of not taking a business process approach to electronic discovery (e-discovery).

[A] Components of a Business Process [1] People

At the most basic level, the people component of a business process refers to the people who conduct activities within a business process that creates outputs. In order to conduct their activities to support the business process, these individuals may receive inputs from other people, add value to the inputs, and then pass an output oﬀ to someone else. Much like a traditional manufacturing line, people are key components of a business process—they receive the inputs and create the outputs. Every business process needs people to execute the steps of the process. These people may be enabled to perform their required functions with tools and technology, but ultimately, a business process requires people. The business process of discovery needs to be viewed from the lens of “who does what to whom,” and “whose input is whose output.” Furthermore, the signiﬁcance of a person’s role within a process needs to be explicit. For example, for every business process, the following “people” questions should be clear to all involved: who leads, who authorizes, who supports, and who provides input to the process. It seems simple enough. And in fact, the concept is simple to understand and internalize. However, the nuance comes in when one thinks about the exact role of a person within a business process. Are they leading the

[ 4 ] Litigation Readiness

process? Do they authorize work to be done? Do they support the work of others rather than actually execute discrete activities themselves? Do they provide input to others without supporting or executing work? All of these people-based activities are critical to a high-functioning business process. That’s why understanding with precision the role of each person within the process is necessary to ensure the crisp and clear execution of the process. It has been our experience that, in organizations with hundreds (even tens of thousands) of people interacting in interdependent situations, assigning speciﬁc roles is critical to their understanding of the process and their part in it. Another reason the people component of a business process is critical is that as one deconstructs the bill of activities of each person involved in the process, the qualiﬁcations required (either by law or due to the content of work) of the person become obvious. This is especially important in legal business processes such as discovery. For example, by law, only a licensed attorney can “sign oﬀ ” on a set of documents produced to the requesting party and certify that the production set contains unaltered documents responsive to the request. On the other hand, there is no legal requirement that a licensed attorney physically collect the potentially relevant documents from individuals or computer systems. The utility in this lens being placed on the people element of a business process is that it allows an organization to explore balancing risk and cost of each activity set by having people with diﬀerent qualiﬁcations perform activities, in order to optimize eﬃciency (translation: cost) and eﬀectiveness of the process.

[2] Process

Processes are the interactions and actions that need to be taken by the people to enable the business process. The interdependencies between process steps, people, and the tools/technology they use need to be overtly articulated as part of each step of a business process. In discovery, the transparent articulation of process steps is required to demonstrate good faith behavior and reasonableness, which are the commonly used standards to judge whether a litigant has met its discovery obligations. The advent and ever-increasing prevalence of electronically stored information (ESI) in discovery has further accentuated this requirement, since the judiciary tends to be intolerant of “black box” processes where a judge has to try and decipher what steps an organization took (or did not take) to fulﬁl its discovery obligations. For that reason, documentation of

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[5]

processes has taken on much greater importance. Recent rulings have shown that judges are much more lenient on litigants that can demonstrate that they tried to do the right thing, even if they didn’t always do things right. Process is a series of steps, sequential or nonsequential, to be executed for an output to be produced. These steps may be executed by people and/ or technology/tools. In some situations each step will be executed in order, while in others only some of the steps are required to get the work done. At this point it’s important to distinguish between process, procedure, and protocol—three concepts that often get conﬂated. Processes are toplevel/major process steps (each having multiple process constituents); procedures are a sequence of activities, tasks, steps, and decisions; and protocols are rules governing the syntax, semantics, and synchronization of communication within procedures. Furthermore, it is important to realize that a process can exist, even if it is not written down. As a matter of fact, in most of the companies where we have assessed discovery processes, we have found that processes are rarely documented, but often do exist, albeit only in the heads of the responsible individuals. When people conduct activities in a workﬂow with other people, a process is in session. We believe that if a process exists, and it works, then the only reason to change or augment it is if there is a material risk or cost consequence to conducting the process in the fashion it exists. If the process is “Just Good Enough” (more on this concept later), then the process should not be ﬁxed simply for the sake of change.

[3] Technology/Tools

Technology/tools are often assumed by people to mean “information technology” or “software technology.” In fact, the tool may be as simple as a piece of paper or a checklist attached to a manila folder. Technology is the source of the problem in e-discovery, but it is also part of the solution. The proliferation of computers and storage technology has created mind-boggling volumes of information. Intelligent use of technology can be as simple as a paper form requesting an email pull from the Microsoft Exchange Server to as complex as a workﬂow-based litigation hold management software application. The key for companies is to not automatically default to the purchase of expensive new software. While a software purchase may in fact be justiﬁed, the tools and technologies necessary to facilitate process steps are often ones that the company already owns.

[ 6 ] Litigation Readiness

When deployed properly, tools and technology are enabling mechanisms. Technology is not an elixir, but it is sometimes useful (or even required) for humans to execute process steps. Too often, however, this dimension of a business process is interpreted to mean the purchase of commercial software costing hundreds of thousands of dollars. This is often not the case. The correct solution is the one that works for your particular company. The solution needs to be “Just Good Enough.”

[4] Management Controls

A management control is a point in a process where the opportunity exists for a decision to be made. Hence the word, “control.” When people are at a crossroads, how do they determine if they go left or right? Management controls are a critical part of a business process because they enable people to identify when they have come to a crossroads. Such controls serve as decision drivers. Management controls are needed to ensure that the job is being done properly. For example, a management control in a legal hold process for the preservation of potentially responsive ESI would be to require documentation from recipients acknowledging that they’ve received a legal hold notice and agree to be bound by the obligations outlined in the notice. This allows a company to ensure that recipients are taking their obligation to preserve potentially responsive ESI seriously so that the company can ensure that it is fulﬁlling its obligations and demonstrate that it is acting in good faith.

[5] Metrics

Metrics are vital because you can’t manage what you can’t measure. Metrics and measurement are crucial to achieving continuous improvement, allowing the organization to set goals, measure progress, and adjust course based on data being measured. Just as any business calculates a return on investment based on metrics, so too can lawyers calculate a baseline and measure improvement from that baseline, with an associated reduction in consequence. A metric we often recommend to clients is to track the elapsed time between the ﬁling of a complaint and the company’s issuance of a legal hold notice to custodians of potentially responsive ESI. A company can measure this cycle time to ensure that its actions in response to the triggering of an obligation to preserve potentially relevant documents (e.g., the receipt of a

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[7]

legal complaint) are timely and therefore decrease the possibility that these documents are inadvertently deleted. More importantly, a company can make sure that there is not signiﬁcant variability in the cycle time for this activity from case to case to avoid claims of inconsistency in process which may lead to allegations that the company is not taking its obligations seriously in all cases. These metrics allow a company to set goals for complying with requests and to measure progress toward achieving these goals. Metrics are the foundation for achieving continuous process improvement.

1.02. THE CONSEQUENCES OF A LACK OF BUSINESS PROCESS [A] Risk, Cost, and Cycle Time [1] Risk

Any process, if not executed properly, can create risk. The question is: does it matter? In the case of discovery, whether driven by litigation or nonlitigation events, the risk of improperly executing a process or of not having a formal process in place, can be signiﬁcant. In other words, it matters. Over the past ﬁve years, companies who have failed to have a business process in place for responding to discovery have been sanctioned for failing to demonstrate that they are taking their obligations seriously—also known as acting in bad faith. Beyond sanction, companies have also received penalties such as summary judgment rulings in favor of adversaries, or being painted as high proﬁle examples of how “not to behave,” on the front page of the Wall Street Journal. In situations like this, the risk of “bad process,” has a half-life that is longer than the event which created the risk—the company is forevermore in the sights of parties like state attorneys general or the plaintiﬀs bar—e-discovery becomes a part of daily life, not because it is being proactively managed, but because the company now has no alternative.

[2] Cost

The cost, hard and soft, of a lack of a formal business process for responding to discovery is undeniable. Over the past decade, the fact that the cost of reviewing data and documents potentially relevant to a discovery request is skyrocketing has been broadly socialized. The commonly held view is that increased attorney fees have driven these costs higher, in conjunction with the exponential increase in the volume of ESI resident in companies. These factors are undeniably key drivers of e-discovery cost, but much of

[ 8 ] Litigation Readiness

this cost has its roots in a lack of a business process that enables datadriven, fact-based decision-making. In addition to the process costs, there are the hard costs of economic penalties associated with being sanctioned by a court. However, these costs are a rounding error compared to the actual costs of conducting discovery. Even if a business process approach cannot signiﬁcantly reduce the costs of discovery (though it almost always can), it can at least provide increased predictability as to what costs will be, which is necessary for eﬀective budgeting and planning.

[3] Cycle Time

Cycle time is the amount of time it takes for a process (or subprocess) to go from beginning to end. For example, how long does it take a company from the time an obligation to preserve data/document) is triggered to issue a legal hold notice to individuals in the company that may be in possession of potentially responsive documents? This elapsed time is “cycle time,” and more and more, demonstrating that this cycle time is proactively managed by a company is considered by the judiciary to be a leading indicator of acting in good faith. Cycle time also comes into play when trying to meet deadlines such as complying with a government or regulatory body request for data or documents or conducting an internal investigation. In these situations, the cycle time (elapsed time) from the time a request is made to collect documents from a repository of potentially responsive data to the time it is collected or presented for analysis or review is critical. In an internal investigation, which is typically a situation where a company suspects that something may be awry, ensuring that risk managers or lawyers are able to comb through documents rapidly to see if nefarious behavior is present is critical to avoidance of signiﬁcant future risk. Without an organized business process, cycle time issues are usually not even ﬂagged, or if they are, they manifest more as “sound and fury” with “how long things take” than something empirical that can be addressed.

1.03. THE BUSINESS PROCESS OF LITIGATION [A] The Mechanics Behind Good Lawyering

Many lawyers don’t think about it this way, but litigation itself is a business process. And like any business process, litigation has people, process, technology, metrics, and management controls components. There are

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[9]

certain business analyses that need to be performed: anticipating litigation, performing portfolio analysis, doing early case assessment, and damage analysis and valuation. There are also electronic discovery process mechanics, often referred to in industry parlance as the Electronic Discovery Reference Model, or EDRM. As outlined by George Socha and Thomas Gelbmann: The Electronic Discovery Reference Model (EDRM) Project was launched in May of 2005 by George Socha and Thomas Gelbmann. The project was created to address the lack of standards and guidelines in the electronic discovery market—a problem identiﬁed in both the 2003 and 2004 Socha-Gelbmann Electronic Discovery surveys. The completed reference model provides a common, ﬂexible and extensible framework for the development, selection, evaluation and use of electronic discovery products and services. The model (available at http://edrm.net) is designed to address the entire spectrum of the e-discovery readiness and response process.

[B] The Six ( + 2) Basics of E-discovery

We can describe discovery as having three legs: document discovery, depositions, and interrogatories. All are focused on developing a fact/evidence basis that is used to support the issues, arguments, claims, and defenses in the matter. Discovery is the process of building a fact base so the parties in litigation can argue or defend their case in court using empirical approaches rather than conjecture. The discovery process is one of the pillars of American jurisprudence; it is the fundamental way in which facts are obtained for litigation. To manage document discovery in the context of litigation, there needs to be a well-deﬁned process. The six major EDRM discovery response processes are generally labeled identiﬁcation, preservation, collection, processing, review, and production. We will discuss information governance and analysis (the +2) separately.

[1] Identiﬁcation

As part of the e-discovery process, an organization needs to understand where ESI is located throughout the organization, who created it, who stores it, and how to retrieve it—preferably BEFORE receiving a legal hold or preservation letter or complaint. Rapid and accurate identiﬁcation

[ 10 ]

Litigation Readiness

of custodians and repositories of data or documents is the foundation for successful management of a company’s legal hold process and also is the biggest leverage point for e-discovery cost control. The identiﬁcation process is most ﬂuid if built on a sound records management and retention system, as well as an established and well-understood context for identiﬁcation—namely a crisp articulation of the issues, arguments, claims, and defenses in a matter and a healthy dose of analysis. Essentially, if there is a rational basis established early as to “what is in, and what is out,” it makes it a lot easier to control discovery versus being controlled by discovery. If an organization wants to develop a defensible e-discovery process, it must take an interdepartmental approach to encourage interaction among business units such as information technology, records management, compliance, and the legal department. Furthermore, the organization must establish consistent and repeatable communication protocols across all lines of business of the organization. To develop an identiﬁcation plan, an organization must be able to understand two principal dimensions—the people dimension and the repository dimension. The people who have created or store the records must ﬁrst be identiﬁed. Who is in control of particular documents, how these people work, and how and where they store their ESI is critical information to understand. In conjunction with this, the information technology (IT)-controlled systems that store data and documents, their backup systems and archiving systems, history of data migrated into/out of these systems, and the IT stewards responsible for these systems all need to be identiﬁed. Most companies hit a roadblock at this very early stage of e-discovery, in many cases because they don’t have a proactive process to ensure that the people and IT systems being identiﬁed properly map to the issues, arguments, claims, and defenses in a matter. Rather, they tend to take a tribal knowledge (aka brute force) approach, which often is a knee-jerk response to an overbroad request for documents from the opposition. These requests for production usually contain demands such as “all communications and correspondence from date x to date y on all topics related to [insert overbroad and generic topic here].” Our experience is that in these situations, there are two typical responses—throw the net out wide, preserve all the paper and ESI that could potentially be responsive to the request (as a practical matter, regular invocation of this approach results in literally nothing ever being deleted from the corporate IT infrastructure), or have an outside counsel lawyer who responds with disgust and disdain, in a nonanalytic way to the requesting party, taking umbrage at “such an overbroad and oﬀ-the-mark request for documents.” Interestingly, this latter approach

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 11 ]

works more often than one would think simply because the requesting party has likely downloaded from the Internet, a “request for production” document with the e-discovery “nuclear option” embedded in the text and really doesn’t believe that she will get all that she demands. However, with e-discovery maturing, these requests for production are getting more speciﬁc—outlining the types of ESI that need to be produced (by ﬁle type—email, Microsoft Word documents, Microsoft Excel ﬁles, etc.), the storage medium (active servers, archive servers, backup systems) as well as the intensity of collection protocol (active ﬁle collection, forensic collection, etc.). Requests with this level of speciﬁcity are usually borne from e-discovery knowledge, and the ﬁre-and-brimstone response is usually a nonstarter. We tend to focus a lot of energy on the identiﬁcation step of the discovery process. We do this not only because this is the step where risk and cost (through scope management) can be properly controlled, but also because this is the point where interdisciplinary collaboration should be the greatest. Lawyers, in-house and outside, legal support professionals, information technology staﬀ, and individuals from business units should all work together to ensure that the scope of discovery outlined in the early stages of discovery is properly outlined and the process by which the scope was derived is reasonably designed, transparent, conducted in good faith, and, most importantly, documented.

[2] Preservation

Most nonlawyers in companies are exposed to the preservation step of the discovery process via their receipt of a legal hold notice. More and more, as we talk to nonlawyer friends and colleagues in companies, they recognize the concept of a “legal/litigation hold notice,” and universally roll their eyeballs at the concept. “Oh yeah, that’s the thing the lawyers send out saying that we cannot delete anything or our ﬁngernails will be removed, one by one.” Sadly, this perception of legal hold notices is not unwarranted. Most companies—especially since amendments to the Federal Rules of Civil Procedure governing discovery went into eﬀect in December 2006—have been issuing legal hold notices in a haphazard and undiﬀerentiated manner. When a company is under an obligation to preserve information pertinent to a matter (litigation or otherwise), the mechanical instrument to achieve this is to inform people who are in possession of such information that they should not delete, destroy, or modify such information—the notice

[ 12 ]

Litigation Readiness

containing such guidance is called a legal hold notice1. In companies with thousands of employees, generally the system is one of “inform, ask, and trust.” By and large, courts have held that a lawyer in a company should be able to rely on (in order to fulﬁll preservation obligations) a system where they ask an employee to preserve information, inform them of their obligations in this regard, and receive acknowledgement from the employee that they understand and accept their obligations. As simple as this sounds, company after company has been sanctioned for failing to preserve information that is considered relevant to the matter at hand. Managing legal holds is generally quite far down the list of most lawyers favourite things to do and is one of the key contributors that force lawyers to focus not on the substantive issues of law but rather on process minutia. Legal hold management is not a policy; it’s a process driven by policy and resulting in protocols executed by people and technology. This process seems simple—at least for handling a single legal hold event. However, organizations facing multiple legal actions or regulatory investigations may see this “simple” process quickly evolve into an increasingly complex management nightmare as custodians (stewards of data), individual legal holds, data repositories, and case requirements overlap, layer upon layer. No matter the number of legal holds, or the complexity of the process, organizations need to follow four basic steps when developing a legal hold/ data preservation plan: 1. Determine the trigger for litigation/preservation obligation and hence a legal hold. 2. Identify what data must be preserved and who is “in charge of it.” 3. Establish a preservation plan for the data. 4. Implement and manage the preservation and legal hold process. As with all our guidance, in this arena, we have found that the invocation of a “Just Good Enough” approach is especially pertinent. Over the past ﬁve years, companies have spent millions of dollars acquiring software to facilitate the issuance, tracking, management, refreshing, and lifting of legal holds. As we outline in subsequent chapters how a company can implement a rational, reasonable, yet eﬀective preservation business process, we will emphasize, as with all our guidance, that companies must ensure that the preservation process ﬁts the exposure. It is this mentality that will not

1. These notices are known by many diﬀerent names, including litigation hold notices, record hold notices, document hold notices, but all refer to the same thing.

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 13 ]

only assure that preservation obligations are fulﬁlled, but that the half-life of the preservation process (and supporting technology) remains relevant and useful far longer than they do in most companies we have observed.

[3] Collection

The process of evidence collection is one that has also suﬀered from overengineering. The collection of evidence from repositories containing ESI operates at the intersection of technology and the law. Over the past decade, technocrats and lawyers have butted heads, invoking jargon and “inside baseball” nomenclature to confuse each other and create an entire industry focused on “evidence collection.” Forensic experts, data recovery experts, collection tools, data culling tools, federated search and indexing engines, and early case assessment tools are all sucking money out of corporate coﬀers—many in the name of self-fulﬁlling prophecies of complexity. If the lawyers, the technocrats, the judges, the vendors all say it is hard—it must be. Again, our view is the collection of evidence can be managed in a rational fashion and if done right can be a major instrument to ensure proper litigation readiness as well as litigation response. Collection of data is what we call a “bridge” process. This bridge can either have its primary base in the preservation process or in the data processing process. However, if it is not connected to either or both of these processes, it is usually in severe need of process optimization since as a stand-alone step, without context, it is fraught with risk and likely far too costly. We will outline in subsequent chapters how an organization can take a Just Good Enough approach to evidence collection while ensuring that obligations are fulﬁlled and costs are properly managed.

[4] Processing

Over the past decade, the process of data processing has evolved from something nascent to something commoditized and evolving to obsolete. This rapid evolution has enriched many companies who have capitalized on the lack of technical knowledge of the legal community as well as the sluggish application of tried-and-true technology to the discovery domain. Today, most companies (vendors) who have made millions of dollars over the years “processing data” are ﬁnding themselves falling by the wayside unless they acknowledge that processing of data is a means to an end, not an end in itself.

[ 14 ]

Litigation Readiness

Data processing generally means preparing data for analysis, review, and production. The essence of this preparation is fairly straightforward. It is worthy of note that the lion’s share of “data” in e-discovery situations tends to be “unstructured” data versus “structured” data. Without getting too techno-centric, here is the diﬀerence between these two data types. Unstructured data is created by individuals and usually is in the form of “loose ﬁles,” such as email data, word processing documents, presentations, spreadsheets, etc. and is usually stored on an individual’s computer or on the corporate network in a “shared folder.” Structured data is “database data”—data such as that stored in transaction-processing databases such as ﬁnancial systems, human resource systems, and manufacturing resource planning systems. Over the past decade, most of the high proﬁle situations involving e-discovery have centered on “communications and correspondence”—also known as email. Most e-discovery–related data processing focuses on unstructured data, and within that category, email makes up the vast majority of the data volume. The key in looking at data processing is to internalize its function as a “means to an end,” rather than the end itself. Our advice to our corporate clients is to understand “just enough” about data processing to make good technology decisions and to negotiate good pricing—then rely on industry standard criteria to ensure that processors meet minimum standards. We will discuss these standards in detail in subsequent chapters.

[5] Review

Document review as a process step has received a tremendous amount of attention over the past ﬁve years for one simple reason: it consumes the greatest percentage of total discovery costs. Take a typical corporation in the United States, above $2 billion in annual revenue. Most of these companies face litigation or nonlitigation discovery on a fairly regular basis. For a company facing very frequent litigation, unless the litigation portfolio is made up of circa 1970s toxic tort litigation (e.g., asbestos), there is likely a high percentage of ESI in the overall litigation-driven document population. For these types of companies, litigation is typically 70 percent of the overall corporate legal expenditure on an annual basis. Discovery is about 70 percent of litigation expenditure and review costs are about 70 percent of discovery costs. Therefore, document review, on average, can total up to over one-third of total legal expenditure in corporations above $2 billion in

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 15 ]

annual revenue. That’s a lot of money and therefore, document review warrants the attention and focus we have seen of late. One of the key discussions in the document review arena today, driven principally by cost, is whether nonlawyers, or non-U.S. lawyers, or lawyers not active in the bar can review documents. As a practical matter, all these constituents are actively involved in document review today, but the subject of who should review documents is a contentious one. This, combined with the fact that process and controls experts such as companies who built their businesses in the information technology outsourcing space are taking a very process-centric approach to document review, is creating opportunities for redeﬁnition of a function that has always been the domain of the lawyer. We will discuss our views on this domain later in the book.

[6] Production

The production (or turning over) of responsive, nonprivileged documents to a requesting party has always been a basic component of a law ﬁrm’s duties on behalf of its clients. What accompanies this is a “certiﬁcation” process where a licensed attorney certiﬁes that what is being produced has not been altered (spoliated) and meets the agreements made between parties as to the parameters that deﬁne the corpus of relevant information. This step is still conducted most often by a lawyer in a law ﬁrm. However, the process of production has taken on multi-dimensionality due to the infusion of ESI into the corpus of data/documents. The format of production (paper or electronic (TIFF, native, PDF, etc.)), the mode of delivery (hard drive, secure FTP, boxes on trucks), the schedule (rolling productions or all at once), the basis for asserting privilege, certiﬁcations about metadata being unaltered are all topics that may seem trivial, but for the gladiators of discovery, operating on the ground ﬂoor of litigation and litigation support, these are make-or-break topics. As such, it is critical to understand them, perhaps not at a level of minutia, but at least at a level of awareness and options. We will outline these issues later in the book.

1.04. DECISION FRAMEWORK TO SUPPORT DISCOVERY PROCESS [A] Balancing Cost, Risk, and Cycle Time

As outlined above, a lack of business process or a suboptimal business process creates consequences—increased risk, cost, or longer than acceptable

[ 16 ]

Litigation Readiness

cycle times. The challenge in managing and making decisions within a business process is that these three factors are constantly being traded oﬀ for one another. It is diﬃcult to reduce cost without accepting possibly higher risk of errors and vice versa. A decision framework must support the discovery business process by balancing the various consequences. Lawyers have to manage costs and risks, the two main levers they think about in managing any matter. Longer than desired cycle times tend to result in either higher risk or higher cost, or both. Lawyers also worry about issues like their potential exposure, the value of a matter relative to the cost to litigate it (for an outside counsel attorney, this may translate into how much a client can aﬀord to spend), the eﬀect on their ongoing business, and what might happen if they settle too quickly. What is needed is a decision framework that balances the cost, risk, and time the eﬀort will take and ensures that no single element of the process destroys the overall eﬀort.

1.05. GUIDING PRINCIPLES

In managing e-discovery, a good faith eﬀort is one where activities are conducted and actions are taken under the auspices of a reasonably designed and documented process. This, courts have held, demonstrates that a company is acting in good faith (trying to do the right thing) in how it complies with a discovery request. That eﬀort must be simple, understandable, transparent, and predictable. If these characteristics are embodied in a business process for managing discovery in litigation, companies generally feel that they have a foundation of trust with opposing parties and the court and are well-positioned to defend that process should it come under attack. One signiﬁcant issue is the balance that outside counsel must strike between serving their client and demonstrating a good faith eﬀort in discovery before the court. The Sedona Conference, a forum for establishing best practices in e-discovery, addresses this subject candidly: Lawyers have twin duties of loyalty: While they are retained to be zealous advocates for their clients, they bear a professional obligation to conduct discovery in a diligent and candid manner. Their combined duty is to strive in the best interests of their clients to achieve the best results at a reasonable cost, with integrity and candor as oﬃcers of the court.

Sometimes this dynamic results in a push-pull between in-house counsel and outside counsel, which if not managed proactively can result in

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 17 ]

frustration and large bills. However, if viewed as an opportunity rather than a problem, this situation can also be very productive, with outside counsel acting as risk mangement stewards for their client and in-house counsel invoking their role as stewards of the business. If these two parties can work together in the context of a business process where decisions are made collaboratively, and supported by an analytic framework that allows them to understand the impact of decisions in risk and cost, the push-pull dynamic between outside counsel and in-house counsel can result in a better outcome.

[A] Narrative Plans Fall Short

Sometimes, litigation response plans are articulated more as a policy manual written in narrative style than as a process with people, process steps, tools/technologies, and interdependencies outlined. Most companies that have prepared something in the narrative format have found the resulting “plan” of very little utility in actual discovery response. That’s because the narrative format, which is how lawyers are trained to communicate issues and arguments, tends to obscure the simplicity, understandability, and transparency required for a process to demonstrate good faith through reasonable design. (See the Pyramid of Good Faith in Figure 1.1). Additionally, while a process represented in narrative format may be comfortable for a lawyer, it is often a poor mechanism for facilitating collaboration between multiple individuals in the e-discovery process chain, most of whom are not lawyers. The ideal discovery response plan format is one that combines visual process ﬂows with narrative explanations/clariﬁcations of the steps in the process, as well as a mechanism for process participants to understand clearly their roles and responsibilities at each step of the process.

[B] Create a Plan People Will Use

In addition to a focus on the format of the plan, companies should also focus on the form in which the plan is created. Here, we want to consider the end user, the individual who actually has to understand and act upon the discovery response plan. In what form does the individual prefer to receive complex and new information? It is preferable to have the plan in the form most likely to stimulate usage, based on the culture of your company and the training and disposition of those individuals who will be most involved with the day-to-day activities represented by the plan.

[ 18 ]

Litigation Readiness

Defensibility Trust Predictability Transparency Understandability Simplicity

Figure 1.1 Pyramid of Good Faith

The function of the plan, be it a policy document, a process manual, or a procedural handbook, is measured by the level of detail contained in the document. At present, there is no deﬁnitive guidance regarding the functional aspects of a discovery response plan. As case law develops companies are slowly being given more tangible guidance to determine the precise functional aspects of a discovery response plan. In areas like preservation (legal hold), case law has developed quite a bit, with the judiciary opining regularly about how this critical process needs to have rigor and transparency, as it is viewed as a critical step to demonstrate good (or bad) faith behavior. In the meantime, we believe that having a plan (regardless of function) is better than having no plan at all. Yet, at the time of this writing, the majority of companies in the United States still have no formal, documented plan for discovery response at all. Those few companies that have expended the eﬀort to formulate a discovery response plan are demonstrating to the court as well as adversaries that they take their discovery obligations seriously and are trying to do the right thing. This serves as a solid foundation for demonstrating reasonableness and good faith in document production. Ultimately, though, even if a plan does exist, regardless of its elegance, if it is not actually invoked in daily practice, the utility of the plan in minimizing risk and cost is limited.

[C] Perfection Not Required — Just Good Enough Is Preferred

An important point to note here is that the Pareto principle (80 percent of the result comes from 20 percent of the eﬀort) is critical. The tendency of lawyers is to be precise and complete, which may cause them to bring an

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 19 ]

Figure 1.2 Electronic Discovery Reference Model

unnecessary rigor to this exercise—in other words, “the perfect can become the enemy of the good.” This is not to imply that the exercise of creating a discovery response plan should be lacking in thoroughness. Rather, the more eﬀective approach is to start at a reasonably high level of abstraction and then add more detail over time, as more data points are aggregated. As such, a Just Good Enough approach is a ﬁrst step toward litigation and discovery readiness. For instance, as trite as it sounds, our approach is to counsel our clients to document the “top 10” issues, arguments, claims, and defenses for the top ten classes of litigation and non-litigation matters where the company is likely to be compelled to produce ESI. This is the lens that should be used to guide the scope and intensity of discovery response for any given matter. One measure of success is that it should take an attorney less than an hour or two to document, for each type of litigation she manages, all the issues, arguments, claims, defenses, and implicated record types. Once this is documented, it can guide the creation of a discovery response plan that is tailored to the discovery challenges for the company. It’s simple and straightforward, yet extremely useful. In other words, Just Good Enough. Just Good Enough is a principle that we have been espousing for the last decade. It means that the solution should be proportionate to the exposure. In guiding our clients through the formulation of a discovery response plan, we stress proportionality. In our experience, any business process formulation eﬀort can quickly crumble under its own weight if it is not rightsized to the actual exposure if things do not go well. If only the process steward is concerned about the lack of process, then any process created will likely not be used, and even worse, lots of process documentation will be created and stored (and potentially discoverable) that will allow an adversary to claim (perhaps without merit, but yet . . .) that the company did not follow its own process. As such, a process that is created and invoked consistent with the theme of Just Good Enough has the beneﬁt of not only being used, but likely also being much easier to create.

A F R A M E W OR K F OR L I T I G AT I O N R E A DI N E S S

[ 21 ]

C HAPTER 2

A Business Process for Litigation Readiness

2.01. A FOUNDATION FOR CONTINUOUS IMPROVEMENT: ASSESSMENT, PLANNING, IMPLEMENTATION, AND EMBEDDING

In 1968, a rookie manager named Gil Hodges inherited the worst team in Major League Baseball: the New York Mets. The team had lost more than one hundred games in ﬁve of its six years since its creation in 1962. Former managers, including the legendary Casey Stengel, had attempted to break the losing pattern by grabbing aging stars and semi-stars and sticking them into the lineup and pitching rotation. They failed on an impressive scale. Hodges proved to be one of the greatest change-makers in sports history. He dumped the aging star strategy and, in 1968, installed raw rookies and unproven youth at just about every position. His pitching staﬀ was studded with unknowns. His strategy worked almost ﬂawlessly. The young players got much needed experience and felt supported by the organization even when they went through rough patches. Because they came together as a team, with a mutual stake in the future, they came to depend upon each other. By Hodges’ second season, the young players had matured and were ready to spread their wings. The “Miracle Mets” went on to win one hundred games in 1968 and then won the World Series by crushing a heavily favored Baltimore Orioles team in ﬁve games. However, the Mets’ stunning turnaround was less a “miracle” than it was a tribute to a man with a plan. One who refused to give in to the pressure to produce short-term results by going after the aging stars that had so failed the Mets in earlier years.

2.02. PLANNING + EXECUTION = SUCCESS

Had he been a corporate manager, Hodges could have written the book on the value of planning and executing an initiative for long-term rather than short-term results. Hodges assessed his young talent prior to the 1968 season and concluded he had enough to show some improvement. He created a multiple-year plan that envisioned continuous improvement by the majority of his young players; these would be supported by a few key veterans in speciﬁc roles (pinch hitters, long relief, a ﬁfth starter). He immediately implemented the plan on Opening Day 1968, and over the next two years, he embedded his youth movement strategy throughout the organization. Hodges’ visionary management of the Mets demonstrates an important rule: If you assess thoroughly, plan thoughtfully, implement strategically, and win over the team to your philosophy (embedding), “miracles” can happen.

2.03. FOUR STEPS TO THE BUSINESS PROCESS

For senior management teams that are determined to prepare their organizations for litigation in the era of e-discovery, there is no better model than Hodges’ New York Mets. For the promise of a new initiative to be fulﬁlled, the key steps are: 1. 2. 3. 4.

Assessment Planning Implementation Embedding

Before we further explore each of these mileposts, we need to make sure senior management’s commitment is to the long run and not ﬁxated on short-term, plug-it-in-and-turn-it-on results.

2.04. BIG BANG VS. ITERATIVE APPROACH — THE TECHNOLOGY ELIXIR

One of the most common mistakes businesses make with process reengineering work involves selecting a big bang versus an iterative approach to changing existing processes. It’s tempting to go with the big bang. It operates on the desire for quick results, like the “ooohs” and “aaahs” at a

A B U S I N E S S P R O C E S S F OR L I T I G AT I O N R E A DI N E S S

[ 23 ]

ﬁreworks display. “Let’s form a committee, dedicate a bunch of resources, and be litigation ready by next month!” In our experience, this approach fails to make litigation readiness an embedded part of the organizational culture. It’s on the radar one day, oﬀ the next, and barely mentioned until the inevitable discovery misstep occurs. Oftentimes, this big bang approach is invoked through the rapid acquisition of expensive commercial software that promises to make discovery manageable with the push of a “big green button.” Technology is believed to be the elixir. We instead recommend an approach that recognizes that litigation readiness is essentially a business process that is enabled by technology but is ultimately owned and executed by people.

2.05. CONTINUOUS IMPROVEMENT FOCUS

When senior management gets involved in it and the team embraces it, litigation readiness becomes a mission and a mindset with the focus on continuous improvement. This is particularly true right now with respect to court decisions and industry practices around storage and production of electronic data. The landscape is rapidly evolving, so the process for implementation must assume continuous improvement. This is critical to demonstrating, before a court, that a company has a reasonably designed process invoked in good faith. This does not mean that an organization cannot achieve quick wins to keep the skeptics interested. Gil Hodges knew he had to do better in 1968 than his predecessors had done. Some quick wins are vital to gaining the necessary momentum to cross the ﬁnish line. But the iterative, metricsdriven approach does recognize that organizational change, just like life change, needs to be completed in phases.

2.06. ASSESSMENT AS A BASIS FOR ESTABLISHING PROPORTIONALITY

Most business process reengineering eﬀorts start with a documentation of how things are done. Next, a gap analysis between the current state and some desired state is conducted to identify speciﬁc gaps. These gaps are then used as a “road map” of sorts to determine the pathway for improvement. However, there’s another critical dimension in the litigation readiness business process reengineering arena: the need to use assessment for establishing a proportionality of response.

[ 24 ]

Litigation Readiness

2.07. A BALANCE SHEET LOOK AT LITIGATION READINESS

Assessment is just that—a value judgment on the existing state of aﬀairs of an organization’s discovery business process. In one sense, it is a means of taking a qualitative inventory of the state of the company’s litigation readiness prior to launching the litigation readiness initiative. All the clichés apply here—how can you determine where to go and how to get there if you do not know where you are? You cannot manage what you cannot measure. You get what you measure. Establishing a baseline is the foundation for continuous improvement. Introspection is the beginning of improvement. However, in the e-discovery (electronic discovery) context, introspection is tantamount to success.

2.08. ASSESSMENT AS MINEFIELD

As in so many areas of e-discovery, assessment is becoming increasingly complex. It can be a mineﬁeld for the uninitiated. Should the assessment miss the mark—should gaps be missed or misjudged—the resultant plan and implementation process will likely fail to deliver a litigation readiness process that truly serves the organization’s needs. However, the moderating inﬂuence here is the guidance to take a Just Good Enough approach to assessment. There are many ways to assess in a rational manner—to wit, we have developed a methodology to assess the discovery business process of a company, based on the principles of the APGAR score—an approach that is the quintessential Just Good Enough method. If it’s good enough to assess the health of a newborn infant, it surely should be good enough for e-discovery and litigation readiness. Immediately when an infant is born, a clinician makes a value judgment on the baby’s health by looking at the baby’s appearance, pulse, grimace, activity, and respiration (hence the acronym APGAR). This same value judgment is made a few minutes after the initial APGAR to measure progress from the baseline. Based on this value judgment, appropriate remediation is invoked. We have based our assessment approach on this Just Good Enough approach by translating each APGAR dimension to a business process dimension: • • • • •

Appearance = Process Documentation/Transparency, Pulse = Process Stability, Grimace = Process Auditability/Veriﬁcation, Activity = Experience with Process Execution, Respiration = Eﬃciency of Process Execution.

A B U S I N E S S P R O C E S S F OR L I T I G AT I O N R E A DI N E S S

[ 25 ]

Simple but extremely useful and predictive. (More on the APGAR– business process evaluation in Chapter 4.) The point is that when a company conducts an assessment, there are many “methodologies” that are paraded around the industry. The one to use is the one that is Just Good Enough.

2.09. WHAT MAKES YOU SPECIAL?

Assessment must take into consideration the elements that make each organization unique. Every organization is diﬀerent as measured by factors such as: 1. the regulatory demands of the industry it is in; 2. the frequency and diversity of litigation and nonlitigation events that trigger discovery; 3. the overall intensity of discovery (the number of matters that result in discovery obligations). Even if two companies have identical discovery response gaps, one can’t assume they can use the same business process reengineering eﬀort. The right choice must be based upon a thorough assessment that produces a sense of proportionality using the dimensions above (and other similar ones). A thoroughgoing assessment of the state of the organization vis-à-vis litigation readiness will set the tone for a campaign to embed the concept into the culture.

2.10. DISCOVERY RESPONSE PLANNING VS. DISCOVERY RESPONSE PLAN

Following assessment, senior management now turns to planning. Or is it “a plan”? This is more than a matter of semantics. Companies must decide right up front whether the team is designing a living, breathing planning process or producing a static plan. One evolves. The other is a ﬁnished work, ﬁnished even before the process has begun. Our recommendation is to view this critical process reengineering eﬀort as a planning process. If the company produces a plan, that plan then comes to be literally viewed as a document—and worse, as the ultimate goal. Though documentation of a discovery response plan is critical, the process

[ 26 ]

Litigation Readiness

of constructing and continuously improving the plan is equally if not more important than the plan itself.

2.11. INTERNALIZING YOUR CULTURE

Through this planning process, an organization will be able to internalize the “cultural” aspects of implementing a plan. Are the people involved prone to using manuals or playbooks with prescriptive process steps outlined in a checklist fashion? Or are they more accustomed to “considerations and guidelines” as the mechanism for them to act? The process of planning is also a great opportunity to educate the participants and stakeholders on the components of the plan. An organization should use it to emphasize the interdependencies of seemingly disparate departments when it comes to e-discovery. On another level, a company will be able to document their anxieties and successes in the plan. The ability for a planning process to be conducted in this fashion is directly correlated with the ability for a plan to be successfully implemented and subsequently embedded.

2.12. IMPLEMENTATION: 5 PARTS PEOPLE, 1 PART TOOLS

“Can’t the techies just do it?” A company may hear this, or sense that it’s being asked, as it proceeds with a litigation readiness initiative. “If our computer network is not ‘litigation ready,’ (whatever that means), then we must have a computer problem. So let the information technology (IT) department take a software program oﬀ the shelf and solve it. Why should I be involved?” Throughout an organization, people may have come to believe that, if something involves the computer network, then IT has principal ownership of the issue. There are many organizations that do jump immediately to some whiz-bang technology to represent the newly designed discovery business process. These organizations skip the critical steps of moving the human participants in the new business process along the change continuum. They don’t even realize how vital the individual’s buy-in and participation are to the success of the initiative. Later on, they may discover their misstep in a most painful way. On a more hopeful note, over the past ﬁve years, we have observed that the in-house legal department in more and more companies has internalized the fact that the litigation/e-discovery

A B U S I N E S S P R O C E S S F OR L I T I G AT I O N R E A DI N E S S

[ 27 ]

process is a legal business process, enabled by the information technology (IT) function, rather than a tactical, IT function. However, many in-house lawyers are still “arms-length” from electronic discovery mechanics— something that we believe will change over time.

2.13. THE PEOPLE FACTOR IN LITIGATION READINESS

Every new business process changes the behavior of the human participants. They may have to change the way they are currently behaving and do it diﬀerently. They may have to start behaving in a new way. Or they may have to stop doing something they have always done. An initiative as sweeping as litigation readiness will require all three types of changes. Change in the workplace can be tumultuous. In order to successfully implement a litigation readiness strategy, one must ﬁrst convince the troops that everyone plays a role—and has a personal stake—in making it work. This educational process must occur before the team is asked to begin implementing the new process. Otherwise, implementation will be uneven at best. An implementation process that emphasizes the human dynamics aspects of change will have a higher probability of success. “Make sure everyone gets it before you forge ahead” is a simple yet critical cautionary note.

2.14. EMBEDDING: BACK TO THE BASICS OF CHANGE MANAGEMENT

Embedding a concept into the corporate culture is one of the most important, and diﬃcult, challenges senior management faces. Embedding a commitment to litigation readiness requires an extra degree of eﬀort because of the educational component necessary to its implementation. We have learned through our considerable experience with the creation and implementation of this particular change process that the embedding is much more successful if approached as a change management exercise. Feedback is the key to the success of this phase. When the discovery response plan is put into practice, it is critical to gather plenty of qualitative and quantitative feedback from the team(s) involved. Once collected and analyzed, this feedback needs to be incorporated back into the plan in the form of edits, augmentations, deletions, etc. As soon as possible, those involved in the process must be able to review the revised plan so that they can see that their input was gathered in good faith and incorporated in a thoughtful way into the process.

[ 28 ]

Litigation Readiness

One must keep in mind the stakeholders are legal, business, and technology professionals. These are people who tend to have opinions and are not shy about expressing them. Moreover, the opinions tend to be well informed. Finally, these people are accustomed to seeing action follow hard upon an expression of their opinions. This is an asset, but also creates a big responsibility for the process stewards to ensure that feedback is continuously incorporated into the business process. Eﬀorts to gather and incorporate input will not be in vain. This approach in and of itself can be the diﬀerence between success and failure of an eﬀort to embed a new business process in an organization.

2.15. OUTSIDE COUNSEL ROLE IN LITIGATION READINESS — BRING THE OUTSIDER IN

There are many reasons why outside counsel should be involved in a litigation readiness initiative. At a fundamental level, there are many decision points which require legal opinions, where a judgment needs to be made about how a process step should be codiﬁed. More important, it is a rare organization that litigates its matters without use of outside lawyers. As such, when a discovery response plan is invoked by a company, you don’t want key outside counsel to feel they have been handed a plan and instructed to “line up and obey.” Ideally, they have been active participants in the initiative, from the very beginning through the phases of implementation and embedding. As participants, they will feel like stakeholders and will be more likely to be advocates than second-guessers.

2.16. CHOOSING THE RIGHT OUTSIDE COUNSEL

The challenge is how to select which ﬁrm/lawyer should have a seat at the table to participate in a litigation readiness exercise. Some organizations have gone through a counsel convergence exercise where they have narrowed the list of outside ﬁrms they use and have even chosen preferred ﬁrms for diﬀerent types of litigation matters. In this case, a ﬁrm that represents the portfolio of matters where e-discovery is especially common can be a good choice. We often ﬁnd that the lawyers whom our clients have chosen to participate in the process have demonstrated either some competence in e-discovery or a desire to be more informed on the subject. If presented as an opportunity for career growth, participation in the litigation readiness

A B U S I N E S S P R O C E S S F OR L I T I G AT I O N R E A DI N E S S

[ 29 ]

process will be attractive to such outside counsel. (You probably still have to pay them for their time, though!) In fact, these days, an invitation to an outside law ﬁrm to participate in a process such as e-discovery is essentially a “license to hunt.” A lawyer from a law ﬁrm worth her salt in the business development/relationship management arena will look at this as an opportunity to demonstrate such competence that the in-house lawyers will conclude that life without this individual/ﬁrm would be really diﬃcult. Bottom line—your outside counsel should be lining up outside your door to participate in this process—if they are not, that should tell you something.

2.17. HORIZONTAL VS. VERTICAL EXPERTISE

When considering the involvement of outside counsel in the absence of counsel convergence or other means of winnowing the ﬁeld, the matter of a speciﬁc expertise in discovery should be examined. Most organizations utilize outside lawyers in litigation in a vertically integrated fashion, i.e., the trial counsel on a matter is also discovery counsel. More recently, another trend has emerged: the deployment of a discovery legal expert in a horizontal fashion. Certain organizations are going in this direction in the belief that discovery expertise exists apart from the matter itself. They have chosen to appoint a national discovery counsel that manages the function of discovery across all the company’s matters, collaborating with trial counsel who may have a distinct area of litigation expertise. As with any such decision, there is no one size ﬁts all answer. A national discovery counsel horizontally applied across all matters is not appropriate for all companies. However, the fact this position is becoming more commonplace suggests that e-discovery is becoming overtly acknowledged as a business process that exists in more than just “bet the company” or large-scale litigation as a “one-oﬀ.”

2.18. GET OUTSIDE COUNSEL INVOLVED EARLY

We have found that, if an organization has a desire to appoint a ﬁrm/lawyer as national discovery counsel, it should be done before we start our work with them. In this way, the ﬁrm can get up to speed on the process and participate in the formulation of the discovery response plan. If a client expresses an interest in retaining national discovery counsel, we typically assist with the selection by evaluating the ﬁrm’s capabilities to

[ 30 ]

Litigation Readiness

be discovery counsel on a go-forward basis. A litigation readiness exercise is a great opportunity for a company to evaluate the e-discovery capabilities of their key outside counsel so that when a process is in place, the company already has a good idea of how to approach the management of discovery with outside counsel.

A B U S I N E S S P R O C E S S F OR L I T I G AT I O N R E A DI N E S S

[ 31 ]

C HAPTER 3

Assessment, Part I: The Fabric of Introspection

3.01. A PARABLE

Acme Corporation is a thriving Connecticut-based ﬁnancial services company. Acme’s chief ﬁnancial oﬃcer just returned from Wall Street, where she discussed the company’s quarterly earnings projections with the analyst community and warned that earnings may not meet projections. In part, she explained, this was due to some unexpected litigation expenses that are not covered by insurance or reserves. As a result of this experience, Acme’s oﬃce of the general counsel, information technology (IT) department, and senior business executives have all been sensitized to the need for litigation to be managed in a more robust manner. A leadership summit is called. There, senior management decides that the company needs more predictability in managing litigation and the associated costs. Acme’s associate general counsel (AGC) of litigation gets wind of this initiative. She explains to the general counsel that electronic discovery (e-discovery) is having a signiﬁcant impact on the ability of many organizations to predict the cost of litigation. This is something she learned while attending a defense bar conference on a cruise ship oﬀ Key West. The general counsel’s ears perk up. He was at the table when the executive committee chartered an eﬀort to make the business “litigation ready.” (He also noticed this phrase in an email he received about a web conference with a title of the same name.) He decides to get a handle on this new phenomenon, e-discovery, that can exact such a cost and in such an unpredictable way. A plan containing dozens of pages full of process ﬂow diagrams, charts, deﬁned roles, and responsibilities is developed. Notice of a must-attend meeting circulates among ﬁfty-some leaders and department heads. Crowded into the

corporate auditorium, they are subjected to a surprisingly long e-discovery presentation. The executives at Acme all publicly buy in to the program with much fanfare and spirit. On their way out the door everyone is handed a binder full of documents and instructions, and oﬀ they go to prepare the company for any electronic discovery scenario that might come its way. Only nothing changes at the company. After three months, those binders gather dust on shelves in departments across the company, and business processes stay unchanged while discovery is again handled on an ad hoc basis. No one takes ownership after the initial project, and when the occasional lawsuit involving electronic discovery hits the company, everyone scrambles to ﬁgure out how to deal with broad requests for documents. The scenario outlined above is neither uncommon nor is it limited to the e-discovery domain. In our work helping companies embed a new or reﬁned business process into their organization, the inability to follow up on initial enthusiasm and sustain momentum are common failings. Companies launch initiatives all the time that go nowhere. But failure in litigation and discovery brings with it consequences that are potentially more damaging than most other failed business process. If a company does not have documented and well-understood e-discovery response processes in place, a litigation matter with an e-discovery component can create ballooning expenses many times the expected cost.

3.02. SELF-ASSESSMENT

The conversation about litigation readiness begins with serious selfassessment. This conversation is really an introspective exercise. By deﬁnition, introspection is an inward look at oneself, which is always diﬃcult to do. The diﬃculty is compounded when a company realizes that a self-assessment around litigation readiness can reveal some scary “near misses.” Add to this the fact that an organizational culture may or may not be supportive of making mistakes as a learning exercise. It is diﬃcult to ﬁnd fault with oneself, even if for the well-intentioned purpose of self-improvement. Self-assessment starts by asking questions about your litigation and discovery challenges right now. Questions such as: “How often, as a percentage of total litigation, does a certain type of matter result in the company going through the discovery stage of litigation?” Or, “what percentage of the time does my company propound discovery on the other side? How often is electronically stored information part of the evidence pool?” It is important to quantify how often you are producing documents, how often you are asking opposing and third parties to produce documents

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 33 ]

to you, and to quantify the scale and scope of such requests. These kinds of questions establish the baseline for the existing state of e-discovery at a company—the discovery intensity within the company. In our experience, the vast majority of companies do not have a framework to conduct a basic cost-beneﬁt analysis to determine if the costs, both in terms of hard dollars and resource costs, of e-discovery are going to be more than the company stands to gain by litigating the matters they face through the discovery phase and to settlement or ﬁnal judgment.

3.03. UNDERSTAND COST PROPORTIONALITY

For example, the sheer volume of unstructured data, usually deﬁned as user-created data (or loose ﬁles) that is not stored in a structured database, can make it inordinately expensive and diﬃcult to produce all potentially relevant information to the requesting party/other side. Developing a basic understanding of the costs of e-discovery will help ensure that these costs can be appropriately factored into cost/beneﬁt analysis of settling a matter, versus litigating through discovery and beyond. In the spirit of litigation readiness, in-house counsel must begin by identifying the discovery risks a company faces and quantifying those risks. Some areas, such as employment-related claims, may be a frequently litigated subject, but the amount and variety of electronically stored information (ESI) is likely low relative to other matters. Conversely, a patent infringement suit may be a rare occurrence for the company, but involves large amounts of ESI from multiple, disparate sources scattered around the company. There are also a number of companies in highly regulated industries who do not have a very intense litigation portfolio, but requests for production of documents come frequently from regulatory bodies such as the Federal Trade Commission, the Securities and Exchange Commission, the Department of Health and Human Services, the National Highway Traﬃc Safety Administration, etc. In these cases, there is a high frequency of events where demands for discovery are intense, but there may not be a lot of room for managing scope through negotiations. Understanding not just the absolute intensity of litigation and nonlitigation events that trigger discovery but also the context from which the demand is borne is critical.

3.04. ASSESSING DISCOVERY INTENSITY

Just as an organization faces a certain intensity and variety of litigation, it also faces a discovery intensity from its diﬀerent portfolios of litigation. [ 34 ]

Litigation Readiness

This discovery intensity, on both an overall and a portfolio-by-portfolio basis, must be documented and understood as part of a litigation readiness exercise, because it will inform where the company focuses its time and resources in getting litigation ready. Discovery intensity is measured by the overall intensity of demands for documents to be produced as well as the intensity and complexity of activities required to fulﬁll these demands. The review of discovery intensity should also include an analysis of current practices and a detailed review of existing or planned processes and technologies that will be called upon to address discovery. That process must be combined with a gap analysis—a process that places a value judgment on the robustness of discovery processes to fulﬁll discovery obligations as well as outlines the consequences of these gaps in creating risk and cost for the organization. It is only possible to adopt solutions proportionate to the risk and cost exposure your organization faces by taking an inventory of your discovery risk proﬁle. To do so requires an assessment of the current state of an organization’s e-discovery processes and identiﬁcation of the gaps in people, process, and technology that create cost, risk, and cycle-time challenges. The current and anticipated litigation portfolio and associated discovery intensity will set baseline requirements for eﬃcient and defensible discovery response in and across each major line of litigation.

3.05. COMPANY AND INDUSTRY LITIGATION PROFILES

Companies need to begin by addressing broad questions such as, “What is the litigation intensity of the company as a whole and within its industry sector?” Litigation is certainly a driver of discovery, but to understand one’s litigation risk proﬁle, the ﬁrst things to assess are the company and industry speciﬁc triggers and broad trends that lead to litigation for the company. Companies are often under obligations on many fronts, from merger and acquisition activity, antitrust law, regulatory investigations from the Securities and Exchange Commission (SEC) or Federal Trade Commission (FTC), or even internal investigations. Additionally, requests from outside parties or third-party subpoenas will impact a company’s litigation and discovery intensity, often in unexpected ways. E-discovery as part of large litigation can be a daunting proposition for any organization, but discovery threats come with diﬀerent intensity and threat levels that demand customized responses. For example, some companies may be in industries rife with environmental litigation about harm caused from the manufacture or use of asbestos or benzene. Such industry-speciﬁc events like this create a relatively large exposure, A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 35 ]

but they are often predictable and manageable from a litigation and discovery perspective. In such cases, the plaintiﬀ ’s bar tends to have a litigation formula with the same allegations and the same types of document requests, so responding can be an expensive but relatively predictable matter. Before panicking about e-discovery, it is important to get qualitative information about the kind and intensity of litigation likely to be faced by your company.

3.06. IDENTIFYING THE RISKS — IN JUST GOOD ENOUGH STYLE

In becoming litigation ready, a company needs to focus on the business process of litigation and the company’s current state of readiness for e-discovery. In most organizations, readiness (or lack thereof) is driven by the overall hygiene of information governance in the company. Improper information governance is the root cause of most e-discovery tribulations. Unfortunately, many companies are still lagging in implementing policies and procedures to govern the information lifecycle: the creation, management, storage, transport, and destruction of information. The good news is that e-discovery and litigation readiness are a strong impetus for reforming information governance, which can be a huge beneﬁt to a company over and above the beneﬁts derived from improved e-discovery practices. In identifying the tangible risks associated with a less than ideal e-discovery process, one must look at risk in the context of consequence. In other words, the company should ask what are the actual consequences of process gaps? One of the challenges in this regard is that if a company has not yet faced any of these consequences, taking the initiative (and incurring the time and expense) to identify and ﬁll electronic discovery process gaps may be viewed as a sky is falling/Chicken Little exercise. A lack of good information governance can also lead to adverse rulings from a judge unhappy with a company’s response to the court’s discovery order. This can run a rather alarmingly broad gamut, and there is plenty of evidence in case law and rulings that these consequences are not abstract. One may face sanctions and adverse inference instructions (where the judge may instruct a jury that any documents not produced by a party should be assumed to be damaging to the party). Or the court may resort to a preclusion order, in which a party is prohibited from submitting further evidence supporting their claim or defense. This will seriously limit your ability to defend yourself. Another nasty (and uncommon) option is a directed judgment that eﬀectively ends a case in your opponent’s favor. All of these consequences have been ones faced by companies. The balance is to make sure that a

[ 36 ]

Litigation Readiness

company’s reaction/response to these possible consequences is proportionate to their company-speciﬁc exposure—in other words, Just Good Enough.

3.07. CORPORATE CULTURAL SHIFT REQUIRED

The failure to implement a reasonably designed discovery response plan is a very common problem. Unless something deeper changes within a company, people and processes do not easily adapt to the demands of litigation readiness. Anyone can draw up a discovery response plan. In fact, you can probably go to any major search engine and ﬁnd one online right now, stuﬀed with full-color diagrams and ﬂowcharts. But unless a cultural change happens within a company to embed those good intentions, the binders full of graphs and ﬂowcharts that our Acme executives toted out of their litigation readiness seminar will have no real impact. All change management stems from a “what’s in it for me (WIFM)” mentality. If the change agents and the ones that need to change are not clear on the cost of change as well as the beneﬁts of change, usually nothing much happens. In the case of Acme Corporation, there was a “top down” eﬀort to instill a litigation readiness culture in the company, with the stated beneﬁts being to stave oﬀ any potential dire consequences of improper e-discovery response. The challenge was that the consequences were relatively abstract to Acme’s rank-and-ﬁle employees. A lack of management control over cost was most certainly an issue. But after the triggering legal matter was settled, the half-life of organizational memory was quite short. As a result, the initial enthusiasm for getting control of discovery as a means to avoid further cost overruns couldn’t be sustained through the organization. Binders gathered dust, and yet another initiative went where ﬂash-in-the-pan initiatives go to die—the shelf.

3.08. CONFRONTING REALITY

E-discovery is a topic most managers and lawyers would prefer to avoid. The lawyers understand it (some more than others) and don’t like it. Too messy, too unpredictable. It forces an uncomfortable focus on the process versus the merits of the case, where most lawyers prefer to concentrate. Nonlegal management, with the possible exception of the information technology department, has at best a vague understanding of what it means—and that little bit of knowledge frightens them. They fear they have no idea how much ESI their workforce creates every day or what

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 37 ]

happens to it, let alone where it all might be lurking. So, despite the pervasiveness of discovery and the rapidly increasing pace at which ESI is overtly requested in discovery, most corporations in the United States are not e-discovery ready. One noteworthy exception to this is the growing popularity of a dedicated discovery/e-discovery counsel in some large legal departments. This is where an attorney, operating at the intersection of law and technology, and facile and current in the e-discovery legal opinions landscape, acts as an e-discovery process steward for her company. This is a very positive development and bodes well for the future of litigation readiness. One evolutionary need in this domain is that these discovery counsel tend to be used as matter-speciﬁc instruments to support line and outside counsel, often becoming the go-to person for things such as 30(b)(6) depositions concerning the company’s discovery practices1. Unfortunately, this takes them away from being a true steward of the litigation readiness business process by focusing on being proactive and measuring their contributions via continuous improvement of the process and measuring risk reduction, cost reduction, and cycle-time improvements. We are, however, not bemoaning the trend of discovery counsel—it is a deliberate step in the right direction. In business-to-business litigation, many litigants still take an “I won’t ask for yours if you don’t ask for mine” attitude toward ESI. The fear of mutually assured destruction—or the fear of exploding costs associated with handling ESI—has historically caused parties to avoid the e-discovery discussion. Furthermore, even the amendments to the Federal Rules of Civil Procedure (FRCP) governing discovery that went into eﬀect in December 2006 were ignored by many. The landmark amendments codiﬁed the notion that parties must proactively discuss ESI in order for justice to properly be meted out. Ignoring the ESI elephant in the room is no longer an option under the amended rules. Still, many parties manage to avoid the topic. The problem with avoidance as a strategy is that if one party decides to strike ﬁrst, the other party is woefully unprepared. In embarking upon a litigation readiness initiative, it is critical to acknowledge the reality that many process participants, stakeholders, and inﬂuencers may not feel the importance of the initiative at the same level as the process champion or steward. This is not a showstopper, but ignoring this dynamic is not recommended.

1. Federal Rule of Civil Procedure 30(b)(6) allows for a “corporate representative” to be deposed by the opposing party concerning speciﬁed topics rather than compelling opposition to identify a particular witness within the company.

[ 38 ]

Litigation Readiness

3.09. PAPER TRAILS AND TIGERS ONLY, PLEASE

Despite the considerable corporate litigation that ﬂoods U.S. courthouses every day, and the near certainty that most of these suits will require some level of e-discovery, remarkably many companies still only talk about paper discovery. The upshot is that most companies don’t have a process for addressing e-discovery because they hope they will never actually be compelled to do so. They have no idea what the consequences of a request to produce documents would mean for the organization. As such, it is very diﬃcult to establish a sense of what is a proper response to the e-discovery question, since most companies haven’t assessed their exposure to this inevitable situation. We have seen a pattern emerging with respect to how the courts view this lack of preparedness. The courts are taking a very paternalistic approach, forcing many litigants to sit down and discuss how ESI will be handled early in the pretrial phase. Increasingly, judges will punish litigants who fail to live up to their discovery obligation. Ultimately, in order to sustain a new business process, there needs to be consensus across and through multiple levels of an organization that there are consequences of a lack of proper e-discovery process hygiene. But how does an organization achieve this consensus without infusing a lot of drama into the organizational psyche—especially drama borne from abstract stories of how other organizations have suﬀered? It can be done.

3.10. ASSESSING CURRENT PRACTICE/PROCESS — DOCUMENTING THE GAPS

The critical importance of proper documentation of process gaps for creating your discovery response plan can scarcely be overemphasized. Identifying gaps is vital to addressing a company’s discovery response processes on an ongoing basis. Documentation should identify the existing discovery response plan in place, show how was it developed, and how well it is followed. Of course, in many cases, this exercise is about documenting the absence of a discovery response plan. The assessor should document all the process participants, their roles and interactions (who does what for whom and in what sequence). Furthermore, the tools or technologies used to conduct work should be identiﬁed—for example, one of the critical tools that is usually missing from an organization is a mechanism to identify potentially relevant repositories of ESI. This enabling tool is called an ESI content map.

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 39 ]

The assessment should include an overview of the process whereby an organization, formally or informally, identiﬁes where documents and data are stored and on what type of systems. The documentation should focus on how a company identiﬁes all personal data repositories, including desktop and remote computers, removable storage media, personal digital assistants, email and communications systems, network share drives, application databases, and oﬀ-site or hosted systems. How does a company pinpoint all ﬁle types, including legacy and proprietary systems and all recent and future IT investments that could change these systems? Gathering this kind of detailed information is critical to ensure that a proper introspection is performed.

3.11. ESI CONTENT MAP DEFINED

An ESI content map is essentially a description of diﬀerent types of business records of the company and the repositories in which they are stored. Unlike network maps and other data maps IT staﬀ tend to keep (which are usually focused on data ﬂows), an ESI content map identiﬁes the location and stewardship of repositories containing potentially relevant information for the types of discovery requests faced by the company. An assessment process should not only identify as a gap the absence of a content map, but in conjunction should outline how the organization identiﬁes potentially relevant repositories. Typically in companies, a “tribal knowledge” method is employed—meaning that the identiﬁcation of repositories is driven primarily by whom one chooses to ask. In an enterprise with very complex, geographically diverse systems, a lawyer (and sometimes not even an IT professional) likely is not aware of every server, hard drive, and ﬁle location, which is further exacerbated if the enterprise has been involved in several acquisitions and mergers.

3.12. ASSESSMENT SHOULD BE BROAD-BASED

The assessment also needs to identify processes for things such as how a company preserves relevant ESI once a legal hold has been initiated. Of particular interest is how diligently employees respond to and comply with the legal hold notice. The methodologies and technologies used for evidence collection should be also assessed for cost-eﬀectiveness and legal defensibility. Process documentation should identify where and how data

[ 40 ]

Litigation Readiness

is stored, in what formats, and how the chain of custody is maintained when data is collected, and how metadata is preserved. These kinds of introspective exercises, if culminating in process changes, ensure that, in the event of inadvertent document destruction or other mishaps, the enterprise can demonstrate a good faith eﬀort to identify, collect, and preserve data.

3.13. KNOWING THYSELF

Things such as documentation and ESI content mapping are also important tools for dealing with adversaries who try to game the discovery system to their advantage. Opposing parties will generally request a large amount of ESI in the broadest possible terms. Sometimes such a request is made in good faith; perhaps the requesting party simply doesn’t want to miss something important. However, some requests are designed to overburden an opponent so that discovery becomes the end of the line for the matter. A detailed ESI content map can be used to illustrate the universe of potentially relevant repositories and ESI and create a proportionate (translation: cost-eﬀective) e-discovery response, one that will frustrate the discovery end-gamers and serve your organization well. The amendments to the FRCP governing discovery create a need for documenting (and disclosing to the court and opposition) not only the steps that were taken in discovery response, but also the decision process and rationale behind those actions. Having a consistent, simple, and transparent mechanism for documenting and disseminating process information is a strong indicator of good faith behavior to adversaries and judges.

3.14. IS THE ASSESSMENT DISCOVERABLE?

It is important to note that, while documentation of gaps is an important part of the assessment process, it is also something that some organizations fear. Depending on a company’s view of privilege, the appetite for what is documented in the assessment process varies signiﬁcantly. However, it is our experience that most organizations gravitate toward documenting process gaps, especially if they have a plan to remediate these gaps. Taking action to close process gaps, many companies feel, is a demonstration of good faith behavior in trying to design a reasonable process.

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 41 ]

3.15. HUMAN DYNAMICS FOUNDATION FOR EMBEDDING PROCESS — GET YOUR COHORTS TALKING TO EACH OTHER

We ﬁrmly believe that implementing new processes is about human dynamics as well as documentation and tools. This is where the “softer” aspects of change management collide with the calculated demands of litigation and IT. A company must ﬁrst understand the human dynamics that are going to inﬂuence its ability to change before change can happen. The process of planning, like the process of assessment, starts with getting diﬀerent groups of people who don’t interact on a day-to-day basis in a room to talk about a business process that cuts across departments. For example, one attorney might regularly send out litigation holds, while another might not send them out at all. One attorney might explain that she sends a hold notice out on every single matter, and how it is done and is very precise about it, while another lawyer responds to each discovery request on the ﬂy. Furthermore, when people from diﬀerent disciplines and departments talk to each other in the context of assessing a discovery response process, there is a lot of learning that occurs, often resulting in “aha moments” that can inform the discovery response plan. Interactions between legal and information technology professionals are usually the brightest examples of the beneﬁts of getting people to talk to each other. An important ﬁrst step is to help people understand that there is a more systematic approach to discovery response that is repeatable, consistent, and predictable across their matters. The process of planning should ﬁrst demonstrate that a process gap can be addressed when people change their behavior. By empowering e-discovery stakeholders in this way, they are more likely to buy into the process than if you merely give them tools and hope that they use them.

3.16. DEFENSIBLY DIVERSE PROCESSES

Though inconsistencies will be identiﬁed in the assessment phase, the planning phase is an opportunity to explore these varied practices and select the best from all of them. For example, in the litigation hold arena, there may not be an absolute insofar as a process where every attorney needs to treat litigation holds in exactly the same fashion. Rather, the planning process may reveal that diﬀerent practices just need a documented rationale to back them up so that practices can be defended in court as being invoked in good faith.

[ 42 ]

Litigation Readiness

One group, surprisingly enough, that often has this issue is the in-house legal department, especially the litigation-focused attorneys. They are typically organized by type of litigation: employment, intellectual property, product liability, securities law, etc. They tend to work on their own matters and don’t do much planning across the group. This behavior is typically not a reﬂection of a particular culture. Rather, it is just how the practice of law has evolved over the years. Diﬀerent matter types tend to have nuances that may not transfer to other matter types, and each type of matter may have a diﬀerent set of law ﬁrms servicing it.

3.17. THE LINEAR/NONLINEAR PROCESS

Lawyers are not often familiar with business processes, which tend to operate in a linear fashion. Discovery is a non-linear process, with many phases overlapping and a lot of back-and-forth and backtracking as counsel ﬁre competing motions at each other. Putting a linear process in place for a nonlinear activity will be problematic unless the legal team is able to exercise discretion. If you allow room for human decision-making in the process, the process will be ﬂexible and responsive to the demands of litigation. The lawyers should be allowed to heavily inﬂuence the creation of the list of custodians (individuals in custody and control of potentially responsive documents), key players, and data repositories to be searched. Once those judgments have been made and the triggers have been tripped, starting the e-discovery process, the lawyer’s range of decision-making may be narrowed (as well as their desire to be involved in the mechanics of discovery), and the discovery response plan should be adhered to. But at the beginning, people, as well as processes, are vital for launching a measured response. It should be noted that the FRCP amendments clearly allow organizations to excercise discretion in many phases of discovery. In areas where the rules allow discretion, it is best to take it and give your people the room to use their experience and training. In other areas, where the rules are more inﬂexible—like the issuance of a litigation hold letter—make the process clear and consistently enforced, with little to no room for ﬂexibility.

3.18. RELEARNING YOUR JOB

The point of this cross-functional, intracompany learning is to take and build on a company’s prior experiences and provide a common language and shared vision for establishing a discovery response framework. It is now

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 43 ]

possible to prioritize actions and to deﬁne what improvements are necessary for the company. Mapping record types to actual custodians and repositories requires reaching out across organizational boundaries to other business units within the company, particularly the information technology and records management departments at the company. E-discovery is driven by human interaction as well as the subject matter expertise aspects of litigation. A lawyer’s strengths are likely in linking the issues, arguments, claims, and defenses to an overarching discovery response strategy. But it is also common for them to employ their “tribal knowledge,” or their life experience at the oﬃce, to identify the people likely to be custodians of records. This informal system is often not up to the task in a system as complex as e-discovery. That is because ESI is usually distributed to many more people than paper documents ever were, which is just another reason why formal meetings are often necessary to get a true understanding of the issues across an organization.

3.19. TRUST YOUR EMPLOYEES

During assessment, there is a good chance that there will be some hurt feelings along the way. However, making objective value judgments is vital to ﬁnding a starting point for this process. In order to minimize hurt feelings, remember that the process is not about command and control. Lawyers, IT staﬀ, and businesspeople need to be allowed the discretion to make decisions within a larger framework. Often, when a problem is about consistency, the problem resides with an individual who doesn’t understand the importance of properly pursuing an issue. Though it is important to take away the unfettered ability to make misinformed or ad hoc decisions from employees where process gaps exist, employees must still be trusted to make decisions at appropriate points along the way. Many will resist change. If someone has been doing something for ten to ﬁfteen years, they’re not going to change just because some consultant tells them to. But if the new, improved process allows them some discretion instead of giving them inﬂexible marching orders, it is more likely that people will support the process. For example, lawyers should to be allowed to continue to use their judgment in how they read and interpret a complaint and how it impacts the scope of discovery. Their years of legal training are still invaluable in interpreting what they believe the plaintiﬀ is alleging, which individuals might be involved, and similar questions of judgment.

[ 44 ]

Litigation Readiness

Next, we will examine some of the ﬁner points of assessment: how to measure the gaps that exist in the current system and processes that govern an organization’s performance in the discovery process; how to evaluate and prioritize those gaps; and how companies begin to assimilate the litigation readiness initiative they have decided to adopt.

A S S E S S M E N T, PA R T I : T H E FA B R I C OF I N T R O S P E C T I O N

[ 45 ]

C HAPTER 4

Assessment, Part II: Internalizing Introspection—Metrics, Gaps, and Assimilation

4.01. MEASURING FOR E-DISCOVERY MASTERY

Mastering litigation readiness, achieving true information governance— these are ongoing processes that call for constant introspection and questioning the way things are being done. We’ll talk about more of the questions organizations need to be asking later, but it is important to understand that questions are meaningless without an objective scale on which to judge the answers.

4.02. BABY STEPS

We use a structured approach to litigation readiness assessment that has been reﬁned and optimized over many years. There are diﬀerent approaches, but the one we use is based on something with which many of us are likely familiar—the APGAR Scale. Yes, that’s right, the system used by clinicians to pass judgment on the health of a newborn so that rapid remediation of any issues may be undertaken. So, let’s do a brief in-service on APGAR. Virginia Apgar created the APGAR methodology in the 1970s to help clinicians take decisive action when a baby is born. The quicker that remediation is executed the higher the probability that any life-threatening conditions can be ﬁxed. APGAR is derived from Ms. Apgar’s name but also has evolved into an acronym.

The A stands for Appearance, the P stands for Pulse, the G is for Grimace, the A is for Activity, and the R is for Respiration. Each of these is qualitatively measured by a clinician immediately after birth, and if any one of the measures is askance, swift remediation measures are employed. This approach recognizes that judging the health of a baby at birth is a scientiﬁc process but is also highly dependent upon the experience of clinicians who have seen hundreds of births. We have leveraged the APGAR scale and have utilized it to develop a methodology to eﬃciently assess legal business processes such as discovery. Our utilization of APGAR as the framework for business process assessment is as follows. The A from Appearance is Process Documentation/ Transparency, the P from Pulse is Process Stability, the G from Grimace is Process Auditability/Veriﬁcation, the A from Activity is Experience with Process Execution, and the R from Respiration is Eﬃciency of Process Execution. Clever? Perhaps. Appropriate? Certainly. These ﬁve key process dimensions are, in our experience, the ones that determine if a business process is properly honed to balance risk, cost, and cycle time. Furthermore, it allows individuals involved in assessment to combine qualitative and quantitative methods to rank and rate business processes. The point of such an assessment methodology is to create a scale with which to make a value judgment. We have leveraged APGAR because it is familiar to many. It is also a useful framework because it does not just ﬁnd the gaps in a discovery response process, but can assess those gaps and judge them on a relative scale from the most pressing to the least important. It is essential to have some way to quantify a discovery response process; otherwise it’s just a documentation of someone’s gut feelings. Finally, APGAR is a tangible manifestation of the Just Good Enough Approach to process improvement described in earlier chapters.

4.03. AD HOC TO VALUE ADDED

Process improvement is an upward spiral of iterations—assessing, analyzing, planning, and implementing—that make small improvements into a continuous process. Because APGAR is a tried-and-true approach based on continuous identiﬁcation of issues and rapid remediation, enterprises can gauge their process from ad hoc, to repeatable, to managed, and ﬁnally, if mature, to optimized processes. An APGAR score is taken one minute after birth as well as ﬁve minutes after birth. As such, this approach is very consistent with the need for iteration in business process improvement.

A S S E S S M E N T, PA R T I I

[ 47 ]

Make a value judgment, take action. Check back in at a predetermined frequency, and do it again. APGAR provides a starting place to build on the enterprise’s prior experiences, establishes a common language and a shared vision, provides a framework for prioritizing actions, and deﬁnes what improvement means for the enterprise. It can be used also as a benchmark for comparing diﬀerent enterprises. Employing a methodology like APGAR demands a formal assessment and planning process, but we believe it is worth the time, cost, and eﬀort. Using a methodology that is familiar to laypeople, regardless of functional domain, is also useful to start creating a translation layer between functional groups whose day-to-day language and jargon are quite diﬀerent.

4.04. SETTING A BASELINE FOR LITIGATION READINESS

The beneﬁt of a scale like APGAR—0–10, with higher numbers meaning greater process maturity—is that the qualitative managerial gut feel of people within an organization can be represented with a quantitative scale that enables a baseline measurement as well as the ability to track and report on improvement. APGAR is not the only framework to assess an e-discovery (electronic discovery) business process. It is, however, representative of the critical elements required for proper assessment. Assessing current information management policies and practices means determining how well the organization performs in the areas of personal data management, email management, content management, application data management, and storage management. If there are policies and practices in place, an objective scale will determine how well they work. Out of the assessment, the organization can analyze the gaps between existing and best practices, relative to the organization’s discovery intensity and risk proﬁle.

4.05. QUESTIONING THE WAY THINGS ARE DONE

There are hundreds of speciﬁc questions that can be asked about a company’s litigation readiness, but broadly speaking, example of pressing topics that need to be covered are: • • •

How ready is the enterprise to respond to a discovery request? Who does what to whom, with whom, and for whom? What documents and data are stored digitally and where do they reside?

[ 48 ]

Litigation Readiness

• • • •

How are litigation holds implemented and managed? What methodologies and technologies will be used for evidence collection? Once collected, how will evidence be prepared for review and subsequent production to a requesting party? Who is in charge of the process? Who leads the process? Who supports it? Who authorizes actions to be taken? Who needs to be kept informed?

By answering questions honestly, an organization can assess two watershed issues in discovery: •

•

How well does the enterprise identify the scope of data that is potentially responsive to a discovery request and how then does the company issue and manage legal holds for preserving the electronically stored information (ESI) identiﬁed as being in scope? What methodologies does the enterprise employ in the collection, processing, review, and production of ESI to minimize the overall cost, time, and risk associated with e-discovery?

4.06. REAL GAPS, REAL CONSEQUENCES — PEOPLE, PROCESS, AND TECHNOLOGY GAPS

The assessment process is designed to uncover gaps in the areas of people, processes, and technology as they relate to current discovery practices. The answers to the assessment questions carry relative weighting in terms of impact on discovery response time, cost, and risk. Some questions are more indicative of a robust process. If the response to a question is that a process is completely lacking, that will be graded at a more severe level than will be a partial process. For example, there is ample evidence in the marketplace that if a company does not have a process for people to acknowledge a litigation hold, the company can be penalized with sanctions or even direct economic damages. The consequence of this gap is real and demonstrable, and the assessment must reﬂect this.

4.07. RISKS IN PRESERVATION

Similarly, in the case of preservation, not having a named individuals with the authority to issue, alter, and lift a litigation hold might demonstrate a

A S S E S S M E N T, PA R T I I

[ 49 ]

lack of importance being placed on this activity by the enterprise. This lack of control over the litigation hold process could result in the inadvertent destruction of critical evidence and expose the enterprise to sanctions. Because it represents a real risk, if it exists it should be weighted more heavily than other, less tangible gaps. In the area of evidence collection, questions about the enterprise’s current processes for maintaining chain of custody and document authenticity may reveal several serious gaps. One common one is insuﬃcient documentation to demonstrate that actions were taken pursuant to a reasonably designed process that was invoked in good faith—in other words, documenting the rationale behind decisions made. Another involves using processes that raise the risk that evidence may be ruled inadmissible or become subject to spoliation and evidence tampering claims. In this area there is a continuum of risks, some less immediate than others. Not every process gap demands the same level of panic or frenzied response. For example, not all evidence carries the same spoliation risk, especially if it can be recovered from alternative sources.

4.08. CREATING A FRAMEWORK FOR RISK PROFILE

Each company will have a diﬀerent risk proﬁle. A framework will tell an organization if this risk adds cost to the process, slows it down, or if it tends to lead to negative court ﬁndings and sanctions. Once the gaps in the discovery lifecycle have been identiﬁed and the relative impact on time, cost, and risk measured, improvement strategies can be developed. These improvement strategies can then be prioritized and implemented to address the areas of greatest risk. By calculating weighted average scores, the assessment can also serve as a benchmark for the future. The scores allow an enterprise to better understand how its current practices compare with others in the same industry, how its current scores compare with the processes in place elsewhere, and what phases of discovery response pose the greatest risk. But the process is not all about negatives. It is also useful to identify where the greatest return on investment might be realized, and whether investments in the latest technology or in other processes are needed. By starting with a comprehensive assessment of current methodologies and conducting an analysis of the gaps between current and best practices, a company can ensure that the investments made in people, process, and technology are aligned with areas that will have the most positive impact on its discovery response process.

[ 50 ]

Litigation Readiness

4.09. THE STORY IN DATA

Once it is understood how those gaps aﬀect cost and risk to the organization, it is easier to launch initiatives to address the holes in the overall discovery response process. As mentioned before, this assessment should take into account outside factors as well as internal processes. If there is evidence that other organizations have been penalized for not having a robust process in a certain area, assume the same is true for your organization and adjust the assessment accordingly. As strategy consultants we have our own assessment methodology and approach but also realize there is more than one way to conduct an assessment. However, we believe there are some necessary components to any assessment approach in order to properly establish the foundation for improvement. First of all, one needs a mix of qualitative and quantitative methods to document the “state of the state.” Next: a means to place a value judgment on the appropriateness of that condition relative to the needs of the organization. One obvious observation is that an organization should start an assessment process by looking at its discovery response plan, if one exists. Some assessment questions demand detailed answers; others a simple yes or no. If there is a plan, ﬁnd out under what circumstances it was created, how the plan is documented, and how well it has helped in real-world situations.

4.10. DRILLING DOWN TO FIND THE GAPS

The approach to intake in an assessment process needs to be relatively simple. We have found that one can begin by asking leading questions. These questions imply that, in a fully buttoned up e-discovery process, the practice that is the focus of the question should be an eﬃcient data-gathering mechanism. For example we start with this question and a few follow-ups to determine what sort of plan is already in place: 1. Does your organization have a formal plan to respond to discovery requests for electronically stored information (discovery response plan)? 2. What inspired the creation of the plan? 3. How is the plan documented? 4. How is it stored? (Paper document, Microsoft Excel spreadsheet, website, etc.)

A S S E S S M E N T, PA R T I I

[ 51 ]

5. Has the plan ever been invoked in response to an active litigation matter, investigation, or audit? 6. Is the plan meeting your needs? 7. If not, where are the gaps/struggles? 8. Are there named individuals who manage the plan and have authority to invoke, stop, or modify a speciﬁc response? These questions run all the way from the starting point through the most complex nuances of the discovery process. The answers not only deﬁne the starting point, but allow a company to uncover gaps in the existing process. But this baseline assessment is not about throwing out everything that is in place and putting a radical new set of processes in place. In fact, most organizations do a lot of things right. The point is to ﬁnd out what is in place and then leverage existing processes for creating a better, faster, and less expensive discovery response business process. Assessment, as described above, is a combination of art, science, ﬁnesse, and brute force. Assessment is the starting point, and despite the importance ascribed to this step, it is but one stop on the journey toward a better e-discovery response process.

4.11. ASSIMILATING AND INTERPRETING THE RESULTS — SECRET SAUCE

After a thorough assessment, the next step is to put together those “binders” that hopefully won’t sit on shelves gathering dust. Here’s the catch: The secret sauce is not the binder itself. Just like the assessment process, the interactions that make up the planning process have greater utility than memorializing the output in a document. As the plan is created, the introspection that was stimulated in assessment will go a few layers deeper. People will ask themselves not just “if” they do something, what will be the result, but also “how,” “when,” “where,” and “with whom.” They will make decisions to be part of an interdependent series of process steps, utilizing other colleagues to conduct work, enabled by tools and technology. They will also have some “aha moments,” as individuals realize the impact of their decisions and actions on others. To wit, we have been in countless meetings where scenarios such as a wellintentioned information technology (IT) manager declaring his practice of continually buying new backup tapes to preserve all the email in the organization for every employee (due to the IT manager’s well-intentioned but misdirected interpretation of a legal hold notice), while the general

[ 52 ]

Litigation Readiness

counsel looks perplexed as to why she is ﬁnding out about this after the fact. These revelations occur through continuous dialog, using things such as an assessment as the context for stimulating the conversation. As such, the planning stage should not just be about formulating a plan and being satisﬁed to stop there. Planning is not a one-time event, but is a conversation and a living process that needs a framework and to be kept evergreen. It is about the act of planning, rather than having an inert response plan.

[A] Better, Faster, Cheaper

Discovery response planning, like anything else a company does, has to be an iterative process. The company should always be looking for a way to make the process better, faster, and cheaper. Planning begins with a continuation of discussions with people across the company. One of the key beneﬁts of the planning process is the identiﬁcation of seemingly solid lines between departments and groups in organizations that one would think should not exist. Our experience has shown that functional groups that have every reason on earth to communicate and collaborate tend to not know what each other is doing and have rarely put any sort of mechanism in place to create collaboration. Identifying this as a gap is hugely valuable to a company, and ﬁxing it is actually not that intimidating. Sometimes the greatest return on investment can be seen in seemingly simple and obvious remediation like getting two functional areas (e.g., legal and IT) to talk to each other! E-discovery is a business process with management ownership in the legal department but with participation from multidisciplinary groups throughout the company. As such, it is critical that the planning process unearth these “ﬁefdoms,” which are in place either deliberately or just as a natural consequence of how people have approached their work over time.

[B] What Is “Just Good Enough”?

Despite all the warnings about e-discovery and its burden on litigation, it is important to remember that the courts are aware of this burden and generally are sympathetic if litigants can show that they took reasonable steps to fulﬁl their discovery obligations and conducted these steps in good faith. Over years of working with a very diverse portfolio of commercial as well as public sector organizations, we have come to the conclusion that

A S S E S S M E N T, PA R T I I

[ 53 ]

there is an overarching principle to regulate an e-discovery process, which we call “Just Good Enough.” What this principle does not mean is “do the least possible and just go through the motions.” Rather, the principle implies that an organization does not need a gold-plated solution to discovery just for the sake of gold plating. Businesses should not put processes in place for process’ sake, but should build a business process for e-discovery that meets their needs, that is defensible and reasonable, and does not expend time, energy, and resources without an overt return on investment. The response should be proportionate to the exposure—no more, no less—Just Good Enough.

[C] Good Enough = Good Faith

How does a court know when a discovery plan is suﬃcient—or Just Good Enough? To say, “I’m doing what’s just good enough,” could be interpreted as saying you don’t take the discovery obligation seriously. But that’s not the point. “Just Good Enough” is actually saying, “I’m not overdoing it relative to the business requirements of my organization and the obligations imposed upon me from internal or external parties.” As long as your Just Good Enough process can produce an output that meets your obligations, there is no reason to expect judicial sanctions. And “Just Good Enough” isn’t an excuse to scale down an e-discovery plan; it’s more about ensuring your plan rises to the challenge at hand. From an e-discovery perspective, the Just Good Enough principle forces an organization to take into account the realistic consequences of inaction. Is your process good enough? If not, the consequences manifest in one of several ways. Not having a process in place can lead to excessive cost relative to the value of matter or its strategic value, unacceptable cost unpredictability, or the sanctions and preclusion orders mentioned before. We are constantly reminding ourselves and our clients that proportionality is the key to managing the whole e-discovery process. Proportionality means that an organization must assess how they can conduct discovery that’s “Just Good Enough” to satisfy the demands of litigation. A discovery response plan is no good if it puts an undue burden on your company and makes life unnecessarily miserable. Ultimately, when a court views the actions of a company, they should see that the company is trying to do the right thing, in a manner that is reasonable.

[ 54 ]

Litigation Readiness

[D] Achieving Proportionality

Proportionality starts by taking a look at processes in place and making a value judgment about whether what is currently being done is suﬃcient. A sense of proportionality is established by examining several factors: • • • • •

the company’s litigation intensity; the industry in which the company operates; the company’s discovery intensity as related to its litigation intensity; the history of e-discovery in the company; a determination of whether there have been any missteps or any tangible consequences from a lack of proper discovery response processes.

Looking at the problem space in this fashion allows the company to make a value judgment about how well it can handle the demands of discovery given the attributes and dimensions of its unique and companyspeciﬁc litigation and discovery environment.

[E] Predictable, Defensible

Assessment is the place where you start to learn information about what is “Just Good Enough” for a company. You’re not just assessing your policies, practices, people, and technology involved in e-discovery; you’re also gathering critical information about the company itself. Who is this company? What is its litigation portfolio? What are its objectives in defending itself? What kind of intensity of e-discovery does the company faces on an ongoing basis? By asking and answering questions like this, a company can establish a baseline for what’s “Just Good Enough” for a litigation readiness strategy. This approach allows an organization to establish a proportional response given the legal climate to satisfy the demands of litigation and other events that create discovery obligations. By creating a baseline assessment of the external and internal forces involved, a company can create a process that is predictable and defensible. From a process management perspective, if a company can create and document a process that lays out a robust method that satisﬁes the demands of the Federal Rules of Civil Procedure or similar requirements in a transparent and understandable way, the organization can feel secure that its discovery team is providing a smart, measured approach that will avoid the pitfalls of e-discovery—and can defend its actions to a judge.

A S S E S S M E N T, PA R T I I

[ 55 ]

4.12. TAKING ACTION [A] Much Ado About Nothing?

One of our clients is a more than 100-year-old, diverse manufacturing company in the Rust Belt. It has a complex IT infrastructure and hundreds of active litigation matters at any time. This company has a senior group of attorneys that manages active dockets, and these lawyers are pretty well convinced they don’t want to be the poster child for e-discovery missteps. More important, the company is blessed with a general counsel who doesn’t want to be on the cover of the Wall Street Journal for all the wrong reasons. However, the senior lawyers also have associate general counsels (AGCs) between themselves and the general counsel who are the senior business managers for the day-to-day litigation functions within the company. This group happens to believe that e-discovery is much ado about nothing. In this company, a multidisciplinary discovery response team has been established with IT and legal representatives. This group is on the ground every day litigating matters or supporting lawyers by deploying technology to help them in this arena. Yet they have senior managers who think the people in the ﬁeld are too frenzied about e-discovery and believe the problem doesn’t warrant a change in business processes that worked in the past. Unless this group can be placated, either through compromise or by winning them over, the charter of the multidisciplinary team will be shortlived. The initiative could also be saved if the company was faced with a catastrophic event like a bet-the-company litigation where e-discovery missteps become the tail wagging the dog. But that, of course, is something that nobody wants. Despite the fact that this company already had an e-discovery response team in place, we insisted on conducting an assessment of the existing process and ensured that all constituents were involved—from diﬀerent functional areas as well as at all levels of the organization.

[B] Nonbelievers Unmasked

Through this process, it became abundantly clear that despite best eﬀorts, the AGC’s of litigation remained unconvinced that e-discovery risk and the associated consequence were real. After all, as litigators, they measured themselves on outcomes, and to date, they had achieved good results either through favorable settlements or by litigating (and prevailing) through trial—all this without a robust (translation—formal, documented, and consistently executed) e-discovery business process in place.

[ 56 ]

Litigation Readiness

Despite our repeated reminders to our client of this dynamic, the will of the discovery response team was for us as consultants to continue to optimize their processes. This we did over a three-month period—though we harbored little hope that there was enough organizational will to sustain the group. Two years hence, the group still has a “letter of the law” charter, but in actuality does not function on a daily basis. This example is instructive for two reasons: One, it demonstrates that assessment is critical to create a foundation for change (or not); and two, it proves that consultants are merely facilitators of a process that ultimately is owned by the organization. As such, assessment can be the beginning of a change process or an exercise to determine that the timing to try and create change may not be right. Either outcome has utility.

[C] Action = Desired Outcomes

Once an organization decides to become litigation ready, it faces a crucial crossroads, one we have alluded to already: Will the readiness plan be about planning, the action verb, or about cranking out a plan, the noun? We think we’ve been pretty clear about what the choice should be: A planning process will serve the organization far better. This avoids the problem of handing people a notebook full of words and charts and never revisiting the matter until a crisis emerges. By establishing a knowledge base about the current state of the e-discovery process through facilitated interaction between individuals, the company can create consistency, repeatability, and ultimately defensibility. If everyone believes they are engaged in a living process, one that will only get better with experience, buy-in is far more likely. Let’s face it: We all know that notebook-bound plans grow obsolete quickly in today’s fast-paced business environment.

[D] Mix in a Little Politics

Along with human dynamics, the political environment of the organization is an important factor. Establishing a formal approach to managing discovery response when one does not currently exist is, at its core, a change management eﬀort. So you need to factor in the internal politics that govern how major cultural changes happen. Does the board get involved? Is the CEO necessarily the de facto leader of the initiative, or does the CEO tend to give his or her imprimatur to an initiative and then

A S S E S S M E N T, PA R T I I

[ 57 ]

delegate responsibility to a department head or other trusted member of the senior management team? Increasingly, we have seen e-discovery start as a board agenda item, often stimulated via the audit committee of the board. This then cascades down through the operating team of a company via the compliance oﬃce. If there is a chief compliance oﬃcer, he or she will usually get the general counsel involved (or will even get the general counsel to lead the litigation readiness eﬀort), but will still stay a primary responsible party to ensure that a plan is put in place. After the planning binder and decision matrix has been created, a steering committee (or a governing body with a name that is culturally consistent with what your company calls such a group) should be appointed, and the plan should be presented to them. In an eﬀort such as this, the steering committee should be multidisciplinary and include people such as the general counsel, associate general counsel in charge of litigation, possibly the chief compliance oﬃcer, in-house litigation paralegal, chief information oﬃcer, legal IT staﬀ, and records management staﬀ members. Buy-in from this group is tantamount to ensuring that the process of establishing and executing a formal discovery response business process actually sticks.

[E] Distributing Ownership

In addition to the emotional beneﬁts of assessment, there are solid process improvement principles in which assessment is rooted. Assessment should be approached as the ﬁrst (and necessary) step of a process reengineering eﬀort—where assessment is followed by planning, implementation, and then subsequently embedding of a new process. We ﬁnd that involvement of multidisciplinary groups is important because ownership has to reside with the people who wake up every day and live the business processes. For example, one common question we ask a group is this: “What is the process used to determine organizational exposure to e-discovery or litigation risk in general when an employee departs voluntarily or involuntarily?” Since employees leave companies all the time, this is a well-understood business situation. However, more often than not, we ﬁnd that hardly anyone knows the answer, and facilitating a discussion in this topic area lets everyone in the room come to that conclusion on their own that this is a gap that needs to be addressed.

[ 58 ]

Litigation Readiness

[F] Truth Telling

It is also worth noting that consultants play a very utilitarian role when we critically evaluate the existing state of the company’s readiness for discovery. Consultants can be more straightforward in pointing out gaps because we do not live within the company. To be a truth-teller within the company often requires the sort of distance that only an external consultant can bring. To ﬁnd the gaps but then to be afraid to tell the truth is pointless. There will almost undoubtedly be hurt feelings, and a consultant doesn’t have a “dog in the ﬁght” and therefore can be more direct. For example, if a consultant asks, “What is the process used to determine organizational exposure to e-discovery or litigation risk in general when an employee departs voluntarily or involuntarily?” the answer is often, “Uh, there isn’t one.” By facilitating that discussion, the consultant helps a company come to the conclusion that there is a gap. There is truly only one way to build a solid foundation for a repeatable, legally defensible discovery response business process. It must be done through detailed understanding of current discovery practices and by documenting and prioritizing the components of the process. By approaching discovery response planning as a business process, an informed and structured approach to improvement can be developed and implemented. This planning needs to begin with assessment, so enterprises can be assured they are investing in the areas of greatest impact. By focusing on all the elements of a business process—people, process, and technology—an enterprise can address its most pressing litigation and compliance response needs with conﬁdence and predictability.

A S S E S S M E N T, PA R T I I

[ 59 ]

C HAPTER 5

Process of Planning Precedes Permanence of Plan—aka Change Management

5.01. PLANNING BEGINS WITH INTROSPECTION: SOCIALIZING THE ASSESSMENT RESULTS

When desktop computers began their inevitable march through oﬃces around the world in the late 1970s, the rate of adoption within speciﬁc workplaces initially varied greatly. Some employees, from top executives on down, balked at the switch. They clung desperately to their typewriters, insisting that someone else rekey their work into the newfangled and threatening systems. Permitted to postpone the inevitable, these Luddites posed a threat to their organizations. But not all organizations indulged such behavior. Those companies that were highly successful at moving people over to the glowing screens enjoyed a competitive edge—short-lived in the grand scheme of things, but still, an edge is an edge in the world of commerce. Additionally, the leaders at such organizations saw the transition as an opportunity to make a bold statement about their corporate culture. “We are innovators. We embrace the inevitable, we master it, we move on to the next challenge.” The people who work for such organizations understand the rules of engagement there, and the best of the lot thrive in such an environment. 5.02. THE URGENCY BEHIND SOCIALIZATION

This “socialization” of the workforce into an acceptance of the inevitability of computers oﬀers a compelling lesson for those in corporate life today who are

charged with raising awareness about the urgency of incorporating litigation readiness into the corporate ethos. The computer, though “virtual” in its essential function, was a physical entity. Litigation readiness is a mindset, a concept. Yet, for many corporations, the value of its acceptance (or implicit rejection) by the team will be measured in the many millions of dollars. Whether those dollars fall quickly to your bottom line, or to someone else’s, will depend greatly upon your success in socializing the process. Perhaps more importantly, the level of acceptance of this mindset becomes a test of the organization’s strength, its determination to win, its desire to be seen as innovative and proactive. In the current environment of governance and accountability, a litigation readiness mindset is the company understanding the importance of transparency and the appropriate implementation of a risk-and-controls culture. Especially in the current economic climate, leaders need to be aggressive about embracing change. The risks of falling behind now are far too great.

5.03. AS THE WHEELS TURN

So how do we achieve the active adoption of the proactive litigation readiness mindset within the company? We have studied the matter, come to our conclusions, and have presented the results to key decision-makers on the team. They have all nodded in agreement: “Yes, it all makes sense, we’re right behind you.” But what’s going on inside their heads? Now, the wheels are turning: “How much do I—me, myself, and I—care about this latest mandate from on high? Will we see change? Or is this mere lip service?” Remember, millions of dollars are riding on the collective decision that is about to be made. The key to winning the computer changeover battle was the example set by senior management. When the bosses raved about the computer age, greedily insisted upon being the ﬁrst to learn to use the new tool (albeit sometimes by requiring their assistants to use it on their behalf), and let it be known that the winners would quickly follow suit, the typewriters soon disappeared. It’s the same with litigation readiness. If the ground troops believe that senior management not only supports the concept but is passionate about it via a demonstrated participation, they will also be believers.

5.04. THREAT OR OPPORTUNITY?

The members of a team pursuing the goal of a formal and consistent litigation readiness program will be trying to assess where e-discovery P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 61 ]

(electronic discovery) resides on the senior management radar. Is it a threat—or an opportunity? If the message they are hearing from senior management is that e-discovery is a necessary evil and the organization is going through a readiness exercise begrudgingly, stakeholders and participants in the process won’t stick their necks out for it. After all, who wants to attach their name to an initiative that most everyone sees as a necessary evil? On the other hand, if the organization views e-discovery as a “lens” into the identiﬁcation of organizational dysfunction (and therefore opportunity for improvement) in areas like information governance, then attaching one’s name to an e-discovery eﬀort can create personal political capital within the organization. Furthermore, if there are individuals in the organization that see e-discovery as a career path, they are more likely to embrace readiness planning eﬀorts, lend their talents to the process, as well as volunteer to take on a more active role in the management of the process.

5.05. ELEMENTS OF SOCIALIZATION

But . . . it’s not quite as simple as setting a tone at the top and waiting for everyone to climb aboard the e-discovery bandwagon. In a complex organization with business units scattered all over the world, how does that senior management “can-do” attitude permeate into the far reaches of the enterprise where employees may have little direct contact with senior management? Here are some critical elements to the successful adoption of the litigation readiness process: 1. Senior management’s sense of urgency about the important of litigation readiness; 2. the communication of that sense of urgency throughout the enterprise; 3. the identiﬁcation and “recruitment” of unit or “tribal” leaders within the enterprise to create a network of credible advocates up and down the organizational chart; 4. reinforcement of the initial sense of urgency on a regular basis through the network of advocates. These elements, which speak to the leadership’s commitment to the mission, must overlay a speciﬁc strategy for implementation of the e-discovery process. Together, the commitment and the thoughtfully constructed

[ 62 ]

Litigation Readiness

strategy/process/policy will lead to the successful socialization of the concept. In broad strokes, the strategy will include the following steps: 1. Creation (or adoption) of plan of action (consensus required in either case); 2. detailed implementation process for the plan; 3. and, ultimately, critical analysis of the eﬃcacy of the initiative. You can’t wing it and expect your team to embrace the concept. Mandates won’t get it done. It will take time, eﬀort, real work on the part of leadership. Otherwise, the team will fall away at the ﬁrst sign of weakness, lack of true commitment from on high, or a shift in priorities. Let us move to the foundation of this strategy.

5.06. TAKING THE FIRST STEP: WHAT COMES FIRST, RISK OR COST? STRIKING THE BALANCE

Of course, both risk and cost come ﬁrst. One cannot be assessed without knowledge of the other. The assessment begins at the top, with key executive stakeholders who already embrace the urgency of litigation readiness and understand the implications of e-discovery gone awry. These central players— general counsel, chief information oﬃcer, chief ﬁnancial oﬃcer—should take the pulse of the organization to gauge what will be required to implement the initiative. A mini-summit of sorts follows, where these key executive stakeholders document their collective views on risk/cost trade-oﬀs. This piece is critical, because in some organizations, the state of business may be such that cost reduction, even with an increase in (properly managed) risk, is the existing mindset. If this is the case, obtaining the necessary resources for risk mitigation may be diﬃcult—especially if the risk is abstract to most. On the other hand, in certain organizations (especially ones that have faced bet-the-company litigation with a huge discovery component), there may be a healthy appetite to “do whatever it takes” to protect the crown jewels of the company.

[A] Risk vs. Cost Gaps

An initial meeting of key stakeholders should focus on identifying predispositions in the theoretical assessment of risk versus cost. It is imperative

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 63 ]

that the key stakeholders be philosophically aligned at the outset of the creation of a plan to validate those predispositions or disabuse these stakeholders of same. Otherwise, no amount of plan elegance will overcome the built-in organizational barriers to sustaining a litigation readiness eﬀort. Once that alignment has been achieved, the real work can go forward. A note of caution: Despite the egalitarian nature of today’s management models, there is most certainly a tendency of the organizational fabric to reﬂect the moods and methods of executive leadership. As such, these executive predispositions need to be understood, documented, and agreed to up front as the “ﬁlter” for how trade-oﬀ and resource allocation decisions will be made. This is not a bad thing—unless is goes unrecognized.

[B] Documenting the Documentation Philosophy — Don’t Fear the Old Plan

Any time an organization replaces one set of policies, or a speciﬁc “plan,” with a new one that reﬂects more current trends, it runs the risk of exposing itself to the perceived liability of “not having done so sooner.” In other words, what was done under the old plan may not now be considered best practice. But it was at least defensible based on the conditions that, years earlier, led to the creation of that policy. When case law on discrimination in hiring and promotion began to pile up, some organizations moved quickly to replace their prior policies with ones that reﬂected the tenor of new judicial rulings. Others waited to act. They wanted more proof that the old ways now put them at risk. They clung to discriminatory policies in the mistaken belief that, because they were once valid, they could be defended into the future. They feared the unknown, they were wrong, and they paid the price. Perhaps an extreme parallel, but instructive nevertheless. Let’s follow this train of thought.

[C] The Urgency to Recognize the Inevitable

Other organizations sought a middle ground. They replaced the most egregious policies with ones that reﬂected current case law, but continued to follow traditional patterns where they believed they would be under the radar. These organizations had no vision. They did not embrace the inevitability of the trend. They thought they were the clever ones. They believed that no one would see through the smokescreen. Wrong again.

[ 64 ]

Litigation Readiness

Thoughtful organizations look at such policies through the lens of the courts. How will my actions be seen “in the eyes of the court?” Is the court likely to say, “Half a loaf is better than no loaf at all?” Or does experience tell us that policies are likely to be both thoroughly challenged by our adversaries, and thoroughly evaluated by the courts? Will the courts reward a good faith eﬀort, even if it falls somewhat short of an airtight program where the company tries to do the right thing but doesn’t always do things right? Or will they demand that every gap be identiﬁed and closed immediately? Concluding that the courts would reward a good faith eﬀort with ﬂexibility built in to acknowledge the evolving nature of the underlying issues, the companies that evolved were seen as committed to the new way of thinking. They were winners.

5.07. TAKING THE ORGANIZATION’S TEMPERATURE — PLACE IT UNDER YOUR TONGUE AND STAY STILL

As a matter of corporate governance, litigation readiness in the age of e-discovery is to the legal department what hiring/promotion policies are to human resources. The issue has been raised. The courts have ruled and continue to rule. Its impact will inevitably be felt, not just in the legal department, but throughout the organization, wherever electronic data is created, stored, accessed, managed, and shared.

5.08. IS 100 PERCENT REQUIRED?

In many rational organizations (which are mostly what we encounter), senior management feels that, by taking a considered view of the identiﬁed people, process and technology gaps, prioritizing them, and responding to the highest impact ones, the company won’t be penalized for putting some on the back burner. The intention is to work through the entire list and create, over time, a policy built upon best practices for responding to a request to produce documents. As seen through the judicial “lens,” this would indicate good faith, and it would demonstrate that a plan and a process are in place. Perhaps more signiﬁcantly, it would demonstrate senior management’s commitment to comply with an order of the court. Other organizations fear that if they don’t address every identiﬁed gap, they will be sanctioned and/or adversaries will characterize their behavior as negligent. This response, built upon the soft sands of anxiety, is, in our view, doomed to failure. Often, the result is a resistance to document gaps in

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 65 ]

writing or to make value judgments about gaps. This can become a barrier in the creation of a plan; at the very least, it adds layers of eﬀort to the creation and implementation of a plan when documentation has to be sparse.

5.09. DISCOVERABILITY OF THE PLAN

Another manifestation of this stance is that counsel is uncomfortable with the “piercing of the veil of privilege” as applying to documents created during the overall assessment and planning processes. Is it attorney-client privileged, does the attorney work product doctrine apply? Not to summarily dismiss these concerns, but it is our experience that this is a shortsighted attitude will not play well through the judicial lens, where actions taken in good faith and a thoughtful process that is forward-looking are rewarded. Thus, understanding the philosophy behind documentation is critical to ensuring that the process of planning incorporates this philosophy and does not get derailed by stakeholders based on operational/logistical dimensions. Visionary thinking trumps actions rooted in the past. As with other trends in corporate governance, if litigation readiness is presented as not only inevitable but as beneﬁcial to the company and to the careers of individuals, the perceived risks of creating a best practices set of policies will be overcome.

5.10. PURPOSE OF THE PLAN

Planning is good, we are told from a very early age. You plan your vacation. You plan your homework assignments. You plan for the future. You create a threeyear plan for your department (which never works out). You always need to have a Plan B. Even the cult hit movie Oﬃce Space has a scene where the character Peter is in a conference room with a whiteboard that says in a parodyinspired manner, “Planning to Plan.” But really, what is a plan? How is it deﬁned, and how does it diﬀer from a process, from a strategy, from a policy? A plan can be anything from an outline with a few wispy objectives along an undeﬁned timeline, to the architect’s blueprint for the world’s tallest skyscraper. If you want to plan a successful bank heist, you’ll need the plans for the bank and probably the plans for the safe’s design. Yes, it’s good to have a plan. But there has been little case law over the past decade that overtly deﬁnes the level of documentation required for a plan to be . . . a plan.

[ 66 ]

Litigation Readiness

5.11. WIGGLE ROOM IN POLICY, PROCESS/PLAN, PROTOCOL: DEFINING “PLAN”

Simply having a plan doesn’t mean much until you create a strategy that sets objectives for the plan, a timeline for execution of the plan, and a process for rolling it out. Then, invoking principles of corporate governance, you must clothe it in the necessary details to turn it into a policy designed to direct the process for X number of years to come. This is the plan, fully realized. With respect to the mission of embedding litigation readiness into the corporate culture, we need to pay attention to the growing number of decisions that will impact our initiative. These decisions imply that there is a diﬀerence between policies, processes/plans, and protocols that are material for judges and parties to determine whether one has acted in good faith within the construct of a process that is “reasonably designed.” However, determination of whether good faith behavior was exhibited depends on the circumstances. As exemplar, the application of search terms as a mechanism to either cull data out of a corpus of data or determine that some data is relevant to the matter has become an oft-debated e-discovery topic. The courts are increasingly addressing this issue and scrutinizing the way organizations handle the matter. In Victor Stanley, Inc. v. Creative Pipe, Inc., 250 F.R.D. 251 (D. Md. 2008), Judge Paul Grimm was highly critical of the defendant’s choice of key words to search its client’s database for relevant and privileged/protected electronically stored information (ESI). This and other related search term rulings have altered the landscape for defensible and good faith document production eﬀorts. It was a painful wake-up call for Creative Pipe and others. Of course, the company had assumed its process for searching would pass the “good faith” test. Yet it did not. Thus, when creating a policy/plan for e-discovery, it is always recommended to have input from experts who are current on the latest wisdom from the bench and who can identify trends as they develop.

5.12. THE THREE “PS”

Let us brieﬂy consider applying the three “Ps”—process/plan, protocol, and policy, to the example of utilizing “search terms” to reduce the volume of data that is put into a human review workﬂow.

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 67 ]

[A] Process/Plan

Here we ﬁnd, in theory at least, the most wiggle room. When approaching a relatively new initiative such as litigation readiness/e-discovery, the processes/plans adopted by organizations will initially vary greatly, especially among those that are attempting to create a process/plan without guidance from someone with expertise in e-discovery document production. It is vital to understand that the process/plan will directly impact the path to and parameters of the policy that the courts will be scrutinizing when the organization inevitably ﬁnds itself in litigation. Will the courts view the process/plan that leads to the policy as a “good faith” eﬀort to achieve best practices? Let us hope that is the goal. If the process/plan for identifying relevant search terms to produce electronic documents for a discovery request is a homemade, patchwork aﬀair, you may as well get ready to settle as soon as the request to produce is delivered. There are companies today that specialize in search term analysis. Either these experts are on your side, or you risk going up against an adversary that does employ them. You don’t want that. So perhaps there’s not as much wiggle room in the process/plan phase after all. In fact, there are even plans and processes out there that you can take oﬀ the shelf and plug into your organization to demonstrate that you care. These are not ideal, but they may be defensible, based upon case law and best practices, and they can work to at least demonstrate movement in the right direction. You’ll have to adapt them to your organization’s culture, of course. And perhaps you have to lay out some cash up front to protect your organization from a discovery request disaster. But the cost of one disaster will far exceed the price of the protective process/plan.

[B] Protocol

“Protocol demands that we . . .” We’ve certainly heard this phrase often enough in our corporate life. Protocol is that agreed-upon form for conducting a certain kind of business or activity. In the case of search terms, protocol has already been established for searching the e-universe. This protocol, while still evolving, is recognized as representing best practices and “good faith” in document production. In the ideal situation, we ﬁnd: 1. the relevant data storage entities have been identiﬁed in advance; 2. they are “mapped” for eﬃcient searching;

[ 68 ]

Litigation Readiness

3. they have been further organized and culled so that a search can be conducted expeditiously; and 4. the “protocol” for executing a search has been deﬁned with syntax consistent with the requirements of the case as well as the capabilities of the search technology. Search terms are selected and “packaged” in a certain agreed-upon way so that they identify a high percentage of relevant documents without also collecting gigabytes of irrelevant data. The entire process becomes transparent in this way, a ringing endorsement of “good faith” that the courts will value.

[C] Policy

Unlike the process/plan and the protocol, policy on a matter of process governance is like a mission statement: Key stakeholders must be able to articulate the essence of the policy, and be able to produce the policy in its entirety upon request. Using the example of search terms, the CIO and general counsel and their key staﬀ at the very least should be able to state, “Our policy for selecting search terms to produce relevant electronic data from our universe is based upon . . . the following guiding principles . . .” These stakeholders should be able to cite the source(s) of the policy, its overarching intent, the history of its eﬃcacy, and key benchmarks in the evolution of the policy. (Remember, precedent on e-discovery continues to evolve.) And they must be able to produce a detailed written policy. That policy should very closely match any recent searches made as a result of litigation. For example, a company may have a policy that says, “the company will never agree to a discovery request targeting our backup tapes because our backup tapes are used purely for disaster recovery and are not a repository of record for any data.” There is absolutely no need to create a litigation readiness/e-discovery policy in a vacuum. And there is certainly no good reason to do so. Policies have long been in place that work, that reﬂect best practices, and that the court will regard as a demonstration of good faith in meeting a request to produce documents. No corporate environment is so unique that one can claim that none of the existent policies will ﬁt the bill. And, by the way, you will have to pay the bill for it. Need we reiterate that the cost of this protection is dwarfed by the potential liability involved in getting it wrong?

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 69 ]

5.13. TIME TO BUILD YOUR PLANNING TEAM — CHARTER, STAFFING, AND OPERATING PRINCIPLES [A] Look Internally for Inspiration

In approaching a litigation readiness planning initiative, it is important to learn from other such eﬀorts at the corporation—especially successful ones. Any company of any size has had initiatives rolled out, from compliance-oriented initiatives (such as sexual harassment training) to revenuegeneration initiatives (such as rollout of new products and services) to operational eﬃciency initiatives (such as cost-reduction programs). Every company has its own unique way of approaching initiatives that are multidisciplinary. Wisdom and practicality (after all, the clock is ticking) dictate that we model the litigation readiness eﬀorts after other successful corporate initiatives. For example, some companies prefer to roll out initiatives without a lot of pomp and circumstance. “Just git ‘er dunn”! is their approach. Others require a high-proﬁle “launch meeting” followed by executive posturing (in a good way) throughout the initiative to ensure that people pay attention. Recognition of the culture of the organization will facilitate the process. Let it guide you, unless that culture is so toxic that your team decides to become the change-makers. (Have your resumes up to date if that’s the direction you choose).

[B] Setting the Tone

Related to the above point, it is also important to layer in the “personality” of the litigation readiness planning initiative. Should it be positioned as mandatory? Does senior management insist upon full participation, with no questions asked and with penalties for noncompliance? Or does wisdom dictate that we create a process whereby consensus is built over time with incentive systems to reward the right behavior? After all, to many within the organization, litigation readiness is an unfamiliar term. Sales may not see how they could possibly be aﬀected by it. Human resources may not understand its critical role in making sure the initiative succeeds. In fact, these two approaches—mandated and “soft-sold”—are not mutually exclusive. They can be integrated into a process that is ﬁrm but fair. In any case, it is critical to establish the personality/tone of the planning initiative so that the plan is built with this in mind. The language used in describing the process steps can be “suggestive” or “directive,” depending on the tone and cultural fabric of an organization.

[ 70 ]

Litigation Readiness

[C] Choosing Key Players

Next, we must determine who will be the key stakeholders on the process/ planning team. Again, we can look to the corporate culture and to other successful internal rollouts for guidance. Does senior management prefer to work with small committees, where the team members then bring the initiative to their departments once consensus has been reached? Does corporate tradition dictate that involvement even at this initial stage be broader so that more individuals feel represented in the process? If you have selected the blended “carrot-and-stick” approach to rolling the initiative out, we recommend seeking a balance here as well. Too many members of this launch team will impede its progress (tick, tock, tick, tock). Too few will impede its acceptance. Given that you are not alone in your litigation readiness pursuit, you might look for guidance from other organizations that have expertise in the area of creating the right climate for early adoption of litigation readiness. Use your knowledge of your organization and ﬁnd the best ﬁt out there to meet your requirements.

5.14. EXECUTIVE SPONSORSHIP VS. EXECUTIVE INVOLVEMENT [A] Demonstrating Top-Tier Commitment

Many are the bold pronouncements made by senior management. But once the dust has settled, the troops will watch to see if the leaders are in the trenches with them, or oﬀ to another mission. When legendary automotive executive Lee Iacocca ran Chrysler Motors in the 1980s, he vowed to turn the company around, produce cars people wanted and ﬁnancial results investors would applaud. Then Iacocca took his commitment a step further. He announced that he would accept a salary for the year of $1, and there it would remain until the company was proﬁtable. Thus did Iacocca enter corporate management lore—and at the same time he won the hearts and minds of his employees.

[B] Communicating the Commitment

Now, no executive should be required to give up his compensation package over a process for embedding litigation readiness. But if those at the top are truly committed to the principles behind litigation readiness, their commitment will be communicated throughout the ranks of the organization. If they are only supporting the concept because the general counsel or outside

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 71 ]

counsel have recommended it, their true lack of understanding of the urgency of the matter will soon be communicated to the rest of the company. Sponsorship means endorsement. Involvement means spending time reviewing the process and the invocation of the process and perhaps even overseeing decision-making in certain high-exposure applications of the process. Setting senior management’s expectations of what is required of them, early, is a critical success factor.

[C] Composition of the Team

To set the tone for involvement rather than sponsorship, the process/ planning committee should be composed of senior-level management of the company. The steering committee members should include people with gravitas. Attendance at steering committee meetings should be mandatory, at least through the oﬃcial launch of the initiative and the early stages of operationalization. You may want to broaden the steering committee, depending upon your organizational personality. Should there then be an executive steering committee composed of the above mentioned executives? Probably. The purpose of the executive steering committee would be to ensure that the process actually happens and stays on a timeline that recognizes the importance of creating the policy at the end of the process. In a sense, this executive steering committee could be less formal, with few set meetings and no detailed agenda. Its gathering frequency will be set on a needs basis to make sure the process is healthy.

[D] Make It Real

The steering committee must be taken seriously, with regularly scheduled meetings, detailed agendas, and assignments for members between meetings. The members of this committee should feel like they are doing important work (because they are), and their commitment needs to be assessed through actual work product that can be evaluated. Examples of tasks that will strengthen their commitment to the process: 1. attendance, either in person or telephonically, at all/most steering committee meetings; 2. emailed “takeaways” from each member within two to three days of each meeting;

[ 72 ]

Litigation Readiness

3. postmeeting assignments (i.e., research a facet of litigation readiness, discuss an aspect of the initiative with department members, contact a peer at another company that has a readiness policy in place and report back); 4. ask members to bring three questions about the process to the next meeting for discussion. Each committee member must understand that it is her or his responsibility to communicate the broad implications of litigation readiness to their departments, as well as the importance of full (or at least widespread) organizational compliance. Their commitment to the process and their individual, identiﬁable contributions to its success will be discussed at the corner oﬃce, the cubicles, or even the commode. This “incentives” system can be tailored to mirror the incentives (or penalties) associated with the rollout of earlier initiatives considered crucial to the organization’s success. No two organizations are alike in their approach to implementation of a new policy. But the objective must be clear, it must be communicated clearly with commitment from the top, and the process must not be allowed to bog down once it is in motion. The stakes are too high.

P R O C E S S OF P L A N N I N G P R E C E DE S P E R M A N E N C E OF P L A N

[ 73 ]

C HAPTER 6

The Discovery Response Process & Plan

6.01. THE ESSENTIAL ELEMENTS OF THE DISCOVERY RESPONSE PLAN

Now we are ready to create an action plan for successfully navigating the discovery phase of litigation. Not so long ago, few companies enjoyed the security provided by a thoroughgoing response plan for electronic discovery (e-discovery). The response “plan” tended to be based upon production of paper documents, not electronic data. Electronic discovery, whether the result of litigation, government investigation or compliance, has taken on a vastly larger role in the overall discovery process. In addition, the role of corporate counsel has grown even more complex and challenging, especially given the amendments to the Federal Rules of Civil Procedure.

6.02. ORGANIZED BUSINESS PROCESS

Corporate legal teams that understand their need for readiness for litigation or investigation and that can plan for the inevitable electronic document requests are much more capable of controlling the cost, time, and risk associated with discovery. With an organized business process, corporate counsel can systematically and eﬀectively manage the increasingly complex nature of discovery response. But not all response plans oﬀer the same protection and decisionmaking foundation. Our objective here is to provide a blueprint of sorts for

a state-of-the-art, yet proportionate discovery response plan, one that will satisfy opposing counsel and the court and allow your team to make the best possible decisions about how to proceed with a case based upon your ﬁndings in discovery.

6.03. THE EIGHT STEPS TO ELECTRONIC DISCOVERY SUCCESS

Following are the eight steps that we consider to be the essential components of the discovery response plan (DRP). 1. Matter Initiation: Initiating a new matter and developing an initial discovery response strategy. 2. Identification: Identifying potentially relevant people, record and document types, and document/data repositories. 3. Preservation: Issuing, monitoring, modifying, refreshing, and releasing legal holds. 4. Collection: Locating, collecting, and migrating potentially responsive electronically stored information (ESI). 5. Early Evidence Assessment: Data sampling and analysis to inform the discovery processes. 6. Processing: Aggregating, reducing, and preparing ESI for legal review. 7. Review: Reviewing and coding electronic documents for responsiveness and privilege. 8. Production: Producing electronic documents in required formats to requesting parties.

[A] Matter Initiation

Matter initiation is where the team decides whether a discovery response plan needs to be invoked in light of an event (e.g., lawsuit or investigation) that has occurred. Every event of this sort does not demand the invocation of a full-blown DRP. The basic plan can be modiﬁed to meet the conditions that the initiation team anticipates. The team wants to be cautious, given the requirements of executing a DRP. On the other hand, the implications of activating a DRP can be minor compared to the costs of a response that is deemed deﬁcient by opposing counsel and the court.

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 75 ]

[B] Identification

Identiﬁcation requires the legal team to begin to compile lists of relevant people, types of data, and data repositories in preparation for describing the parameters of the legal hold(s) needed to preserve all potentially responsive data and documents. Working in concert with outside counsel, the legal team leader supervises preliminary fact-ﬁnding, including interviews with key players and information technology (IT) stewards, to develop a fact base, to validate the custodian list, and to identify additional sources of potentially responsive ESI. This is the place where the context of the case (the issues, arguments, claims, and defenses) should be the principal guide for the scope of the discovery response. If you have been proactive and already created an ESI content map, your early identiﬁcation of relevant data should be quite manageable. If you haven’t created an ESI content map, this would be the time to launch an initiative to create same. Why? Because this early phase of the process deﬁnes the general scope of the response and therefore has a signiﬁcant impact on overall cost of discovery for the matter.

[C] Preservation

Preservation is one of the most crucial components of a discovery response plan. This is where battles were often won and lost in the early years of the e-discovery era, based upon the eﬃcacy of a company’s preservation strategy. The legal hold process (or lack thereof) is still, in 2011, the subject of many rulings from judges who have limited tolerance for organizations that are indolent in fulﬁlling their preservation obligations. If you don’t preserve the relevant data, you won’t be able to comply with the production request. Your organization’s ability to create and execute legal holds will be put to the test here. With experience, many litigants now understand the crucial nature of the properly applied legal hold. Although case law is still evolving with respect to preservation and legal holds, experts in this ﬁeld can provide the guidance needed to preserve relevant data without shutting down the enterprise. The legal department has the responsibility for deﬁning the scope of the legal hold, notifying relevant parties that the hold is in eﬀect, ensuring that the hold is observed, modifying or refreshing the legal hold when necessary, and releasing the hold when appropriate. In our experience there are some common legal hold mistakes and best practices that we have observed at companies that are worth noting.

[ 76 ]

Litigation Readiness

[1] Common Legal Hold Mistakes

•

• •

• • •

Failure to promptly issue legal holds to custodians of potentially responsive data when a duty to preserve same can be reasonably anticipated. Failure to preserve data under legal hold from departing employees. Not issuing the legal hold notice to stewards of IT systems in time to suspend automated data-destruction protocols (causing spoliation (destruction) of evidence). Issuing legal hold indiscriminately to every employee of the company out of misguided belief that this is the only way “not to miss anyone.” Not tracking recipients of legal hold, making subsequent refreshes or modiﬁcations to legal hold diﬃcult. Failing to lift (release) legal hold when obligation to preserve data under hold no longer exists.

[2] Best Practices in Legal Holds

•

•

• • •

Repeatable Process—Building a repeatable process for issuing and managing the legal hold process by both the IT and legal departments so that the process can be replicated in every matter. Clear Legal Hold Notices—Making sure the legal hold notices sent to custodians are written in “plain English” so they are easy for non-lawyers to understand, are sent in multiple formats, and clearly identify the individual(s) recipient should contact with any questions about the legal hold and/or her obligations thereunder. Acknowledgements—Requiring acknowledgments of legal hold receipt and agreement to comply with legal hold obligations from recipients. Refreshing—Refreshing legal holds on a regular basis to ensure recipients are aware of ongoing preservation obligation. Documentation—Documenting the legal hold process with a formal tracking mechanism that can be presented in court as a reasonably designed, transparent process invoked in good faith.

[D] Collection

Collection refers to the step in discovery when the data that has been identiﬁed as potentially relevant to the request to produce is gathered. At this

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 77 ]

stage the documents are not yet ready to be produced; rather, they are collected in their native form and stored prior to ﬁnal processing.

[E] Early Evidence Assessment

Early evidence assessment is like a core sample. It gives the team a “quick” look at representative documents in the collection universe. From this assessment, the team can extract a fair amount of information about the eﬃcacy of the identiﬁcation and collection process to date and where the litigation itself may be headed in terms of cost, complexity, and outcome. This assessment frequently leverages expertise of consultants or service providers to ensure that the data is properly processed and analyzed.

[F] Processing

Processing is the point at which the relevant data is made ready for review by counsel. For most e-discovery matters (especially large-scale productions) that include production of electronic data, a third-party service provider handles the processing of the electronic data.

[G] Review

Once the ESI has been aggregated and reduced using ﬁle attributes and metadata in the processing phase, the documents loaded into a review database must be reviewed for responsiveness and privilege/ conﬁdentiality. It is anticipated that for most e-discovery matters (especially larger matters), the client will utilize outside counsel for legal review of potentially responsive documents. We have seen a signiﬁcant evolution in document review over the past few years where outside counsel may perform ﬁnal privilege review but early stages of review may be performed by non law ﬁrm service providers or by law ﬁrms whose core focus is document review. In either case, it is important that the company assigns a project manager who understands the case and will track and monitor the review process, and will ensure that outside counsel and other review service providers employ standard procedures to eﬃciently review documents.

[ 78 ]

Litigation Readiness

[H] Production

After the ESI for a particular matter has been reviewed by attorneys, responsive information must be produced to the requesting party or parties in the agreed upon format(s). When engaging a third-party service provider to produce the electronic data, it is important to assign a project manager who will continue to track and monitor the production phase, ensuring formal procedures are followed to avoid inadvertent production of privileged materials, and ensuring the timeliness of document productions. Ultimately, the purpose of document discovery is for the requesting party to receive all responsive, nonprivileged documents from the producing party in a timely and complete manner. As seemingly simple as this sounds, the nuances associated with this process, especially when electronically stored information is in scope, have created a multibillion dollar industry where service and technology providers, and yes, even book authors, are kept quite busy.

6.04. THE DETAILS OF DISCOVERY: DISSECTING AREAS OF GREATEST OPPORTUNITY [A] Nailing the IPC

The most critical steps in the discovery process, we believe, are the initial phases of identiﬁcation, preservation, and collection (IPC), because these are the phases where companies have the greatest opportunity to ensure a consistent, repeatable, cost-eﬀective, and defensible e-discovery response process. Electronic discovery teams in companies should break down these vital steps into their elemental parts, providing a highly detailed blueprint that describes speciﬁc roles to be performed, the tools needed to identify, preserve, and collect the data, and charts and workbooks that allow the team to execute the processes from start to ﬁnish. This blueprint is often referred to as the discovery response plan, or known more aﬀectionately in our acronym-loving culture as a DRP. The optimal DRP typically includes the following components: •

Summary workﬂow diagram—a single-page overview and reference sheet that provides an overview of the discovery process, the designations of the individuals involved with discovery response at the company (e.g., line counsel, discovery manager, collection specialist), and the documents, tools and technologies that are associated with each step of each phase of discovery.

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 79 ]

•

•

• • •

Detailed workﬂow—a process ﬂow for each discovery phase, including the individuals responsible for each task or activity and the tools and technologies utilized by those individuals. Discovery response plan (DRP) workbook—a separate document (often a multi-tabbed Microsoft Excel spreadsheet) that provides a single source for documenting response plan tasks for individual matters. The intention is to have a DRP Workbook for each matter—often referred to as a defensibility workbook or defensibility binder. Reference materials—a series of reference tools and sample templates (e.g., legal hold template). Master legal hold tracking—a master list of all active (and inactive) legal holds across the company. ESI content map—a Microsoft Access (or other similar) database that stores speciﬁc information about a company’s data repositories, record types, and applications. This enabling tool should primarily be designed to assist in the identiﬁcation of repositories that may contain data that is relevant to a legal matter. Because many organizations are unaware of the extent to which company information is disseminated throughout the virtual universe, and the location and stewardship of same, we have found content mapping to be a highly valuable exercise for our clients to engage in.

Developing, implementing and using a DRP allows a company to not merely meet the basic requirements of discovery, but to confront the inevitability of a request to produce electronically stored information with a robust strategy that leads to best possible outcomes.

6.05. THE PLAYERS, THE TOOLS, THE CONTROLS, AND THE MEASUREMENTS [A] Empowering Your People

With the discovery response plan outlined above, your team has a strategy in place that will prepare you to successfully respond to a request to produce relevant documents. But the process is only as eﬀective as the people who implement it. Those people need the right tools to do the job properly. In order for the work to be done on time, within budget, and with maximum eﬃciency, speciﬁc management controls must also be in place. Finally, we need ways to measure process, from initiation to the ﬁnal outcome (successful production of documents), so that we can assess the eﬃcacy of our process, set some basic standards for future responses, and

[ 80 ]

Litigation Readiness

improve upon our process next time. (Yes, there will always be room for improvement.)

[B] The People . . . Continued

It takes a team to create and implement an eﬀective discovery response plan. The composition of this team is quite distinct from the individuals required to conduct a discovery response in the era of paper documents. Yet the functions are not so diﬀerent. You’ll need a team leader from the legal department to manage the entire process. Many of our clients ask us if the ownership of discovery response should reside in the legal department, in IT, or elsewhere. Unequivocally, we feel that the legal department is the owner of the discovery business process, albeit with interdepartmental dependencies and requirement for participation. As such you will need representatives from these key departments at the table as the discovery response plan is being developed. You will need people to help identify, preserve, and collect the documents, to organize them and make them ready to be reviewed. The primary diﬀerence in the electronic era is that you may need more people in general; and assuredly more people from IT to help with mapping, identifying, preserving, collecting, and producing electronic data. However, many of these people will be individuals with primary jobs responsibilities in their functional area, but also having matrix responsibility to participate in aspects of the discovery response process. More people involved does not have to mean more ﬁxed cost! The team structure will resemble an organizational chart, with an executive team at the top making high-level DRP policy decisions. Each step in the DRP will have its own working team (with overlapping members in many cases). You will doubtless want to have a multidisciplinary discovery committee that meets periodically to make sure all departments are on the same page and no roles or responsibilities have fallen through the cracks, as well as to act as an overarching policy governance body. The committee can also be a way to channel suggestions about the process, i.e., can legal holds be issued more quickly? Has the collection process ventured into demonstrably unproductive territory? In short, the DRP will involve all individuals who are directly and indirectly responsible for managing the e-discovery lifecycle. The key members should include: •

Legal staﬀ, sometimes including the general counsel, always including the in-house attorney in charge of litigation, and litigation support

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 81 ]

•

•

•

•

•

personnel (e.g., paralegals) responsible for many of the tactical elements of discovery response. IT staﬀ, sometimes including the CIO in an oversight/steering committee member role, forensics experts, and those responsible for identifying network topology, relevant data repositories, and with knowledge of the enterprise’s ability to identify, preserve, collect, and export relevant ESI. Office of risk and compliance staﬀ responsible for addressing how document management and information governance policies are implemented, especially when litigation holds are required. Outside counsel and third-party suppliers who provide crucial insight into how ESI can be defensibly and eﬀectively collected, reviewed, processed, and produced. Line-of-business managers who may have input on how information is created, stored, and disposed of during the normal course of business. Records management personnel who may reside in a stand-alone operating unit or be administratively placed with the legal department or the IT organization.

Here’s a team leader checklist of roles that need to be assigned before you implement the DRP: • •

•

• •

For collection, ask: Do I have an individual designated as the collection owner? For preservation, ask: Is there someone in charge of monitoring legal holds, ensuring not only that they are complied with but that they are lifted in a timely fashion? For processing, ask: Do I have someone in charge of monitoring the transfer of data from the collection stage to the processing provider and ultimately to the attorney review teams? For review, ask: Is there a person on staﬀ responsible for overseeing the review process? For production, ask: Do I have a person assigned to ensure that there is not an inadvertent production of privileged material to opposition?

If some of these “checklist” player roles seem to lack weight in the grand scheme of a lengthy and arduous discovery exercise, don’t be fooled. The people in these positions are crucial to a successful outcome. Consider: In the

[ 82 ]

Litigation Readiness

case of preservation, not having a single, named person with the authority to issue, alter, and lift a legal hold for a particular matter might be interpreted by a judge as demonstrating the company’s failure to grasp the importance of this activity. This lack of control over the legal hold process could result in the accidental destruction of critical evidence, exposing the company to signiﬁcant and painful sanctions.

6.06. TOOLS AND TECHNOLOGY [A] Software: Buy or Rent?

Having software to support a DRP is essential, especially when one faces a complex investigation or lawsuit. This can represent a substantial expense for an organization, particularly one that is not a “serial litigant” (i.e., does not engage in frequent and ongoing litigation) but rather faces lawsuits or investigations only sporadically. A discovery service provider often represents a cost-eﬀective alternative, because they have likely invested in a complete portfolio of discovery response software that supports a client throughout the DRP process at a fraction of the cost of the company purchasing similar (and less-sophisticated) software on the open market and employing personnel to use the technology. If you have conducted an organizational assessment of your readiness for litigation, you may already know where the gaps are in your current IT system. Or perhaps you’ve plugged most of your discovery response gaps and are ready to partner with an outside consultant to organize and search your data repositories, collect the relevant material, and get it ready for review. If you haven’t done such an assessment, now is the time to do it. Again, no one wants to face sanctions for failure to respond in an appropriate manner to a production demand—and certainly sanctions that can be traced to something as mundane as a gap in technology would be hard to accept. In other words, assess your system, plug gaps in as cost-eﬀective a manner as possible, and consider using a service provider’s technology for the really big jobs. Not all the tools we refer to as essential to a successful e-discovery process are commercial, expensive software solutions (though they may well reside on a computer.) Some are as simple as Microsoft Excel spreadsheets, charts, workbooks, checklists, and progress reports. Because of the myriad details involved in a DRP, for example, tracking tools play an important role in the process—often a paper-based tool can be equally if not more eﬀective for some types of activity tracking—again, do whatever is Just Good Enough.

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 83 ]

6.07. MEASURING LITIGATION READINESS [A] Gap Analysis

Excellent measurement tools exist to assess your organization’s overall eﬀectiveness at managing the discovery process. Remember: You can neither assess nor improve what you cannot measure. Rest assured, litigation readiness is indeed measurable. A key component of discovery response planning is measuring the impact of the gaps in an enterprise’s e-discovery practices through a formal assessment and using the ﬁndings as a baseline for continuous improvement. For example, a given process or technology may work well for one business purpose, such as email archiving, but may not be able to fully support the discovery process. It’s important to know, in advance, how such technology aﬀects other process elements, such as preservation obligations and litigation holds. Additionally, an assessment can help identify whether there are alternatives that might have a greater, positive impact on existing process gaps and the beneﬁts that can be achieved by investing in one area versus another.

[B] Format/Presentation of the Discovery Response Plan

To introduce a new concept as large as litigation readiness into an organization successfully, you must ﬁrst know how your organization ingests new initiatives. We have worked with clients who prefer a plan that is a set of guidelines or considerations. Others insist that a prescriptive protocol with a step-by-step implementation blueprint works better for them. Here are three major factors to consider in determining the appropriate format or presentation of your discovery response plan: •

Risk-aversion of the organization: How does senior management view risk? For example, if a company is very risk averse, the traditional solution to risk mitigation is to enforce consistency, by ﬁat or by top-down mandate. Others’ approach to risk mitigation is to keep instructions with respect to how to execute a business process at a 10,000-foot level in the form of “considerations.” They believe this protects them, so that they cannot get pinned down by adversaries or courts that say, “You did it this way in situation A and that way in situation B.” The latter is often an approach adopted by our clients since it is a rare company today where line managers are not empowered to make rational management decisions—however, there are still some militaristic companies out

[ 84 ]

Litigation Readiness

•

•

there that function quite well and post good pretax operating proﬁts. Our view is—if it works, and your action is invoked in good faith, then do it. Overall company culture: Is the company one that works by protocol/ procedure manual? Are the employees generally obedient to a top-down mandate? Or is the culture one of empowerment, where decision-making is pushed down to the lowest possible level of the organization? Is accountability for decisions accompanied by the requisite authority to interpret process steps based on one’s own intellect and business acumen? Counsel’s prior experience with discovery: If any attorney has gotten burned (or faced a near miss) by being too speciﬁc, or too vague, during a prior discovery phase, their “lens” on how their company’s e-discovery response plan should be documented will be appropriately tainted. It’s important to know the discovery history of your company’s key discovery players and to help them to understand that, going forward, they will be protected by a strategically developed and tested process that produces positive and, most importantly defensible outcomes.

[C] Outside Counsel Guidance

Although the outside counsel, in most organizations of any complexity, will not drive the development of the discovery response plan, their role may be considerable, especially if senior management holds their views in high esteem. Outside counsel’s philosophical approach to discovery will be heavily inﬂuenced by their previous experiences and by their own personal style. Two likely approaches, based on our experience: •

Some outside counsel are more philosophically inclined toward the “considerations” approach. They do not believe that discovery should be a ﬁat-driven process—others may choose a path to discovery nirvana that codiﬁes transparency in a documented process with very speciﬁc steps, checks/balances, metrics etc. They seek transparency that can be communicated to the other side as well as the judge to demonstrate that one is acting in good faith. They place great importance on the appearance (and the actuality) of trying to do the right thing, realizing that one may not always do things right. Still other outside counsel prefer to document less of the “what needs to be done,” for fear that if actual activities deviate from the plan, adversaries could claim “you did not even follow your own plan.” There is little evidence in legal decisions that that this is a real concern, but managing such a risk is often an

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 85 ]

•

exercise of “internalizing the abstract,” so there is no right answer here—only the one that feels right and is culturally consistent with how your company does things. Or, in other cases, if outside counsel is not particularly conversant with IT infrastructure and how to portray the same in a discovery scope discussion, they may either gravitate toward generalities, or counsel their client to be very speciﬁc so that they can be very conversant. We would suggest that case law and our own experience supports speciﬁcity. In the early days of e-discovery (a mere ten years ago), outside counsel could summarily dismiss an overbroad discovery request by claiming it is exactly that—overbroad. They would also inform opposition that they cannot abide such a request. Judges would often agree with this stance, in the unlikely event that opposition pushed back (the discovery request was probably just a paper tiger). However, today, with litigants getting much more e-discovery conversant, discovery requests are more targeted, and the language is usually context-sensitive to the matter at hand. In these situations, counsel receiving and responding to the discovery request needs to be very speciﬁc with their response and also be informed as to the speciﬁc process their client will follow in conducting discovery response—especially since the requesting party will want to know. Again, this argues for a plan that is documented at a level that supports these conversations.

6.08. VIEWS ON DISCOVERABILITY

In-house and outside counsel will have views on whether a discovery response plan itself is discoverable. Is it attorney-client privileged? Is it privileged via being covered by the work product doctrine? Do they think it is discoverable and that there is no way they can keep it under wraps? The conclusions reached in these conversations will most certainly inﬂuence how speciﬁc or general the company makes the plan. This is yet another area where the legal department and outside counsel must agree well in advance of putting the discovery response plan into action. It is advisable to seek an outside expert’s opinion if a diﬀerence exists between the legal department and outside counsel. It is our view that discoverability notwithstanding; having a documented discovery response plan is useful not just to create process eﬃciency inside a corporation but also to have a tangible way to demonstrate to a judge that a company takes discovery seriously. A reasonably designed plan that results in a measured and consistent response to e-discovery requests has been something the

[ 86 ]

Litigation Readiness

judiciary, through opinion after opinion, has been suggesting to litigants for several years. By and large courts decisions on e-discovery issues have rewarded litigants for demonstrating that they try to “do the right thing,” though sometimes, they many “do something wrong.” Making good faith, inadvertent mistakes has been accepted by judges. Take for example, Federal Rule of Evidence (FRE) 502. This rule outlines how attorney-client privilege can be asserted in the case of e-discovery document productions. When a party inadvertently discloses privileged material, FRE 502 says that this does not constitute a waiver of privilege. In essence this rule reﬂects the general behavior of the judiciary. If parties behave reasonably and in good faith, in general, they are not penalized.

6.09. GETTING THE MESSAGE TO THE TROOPS

Once you’ve agreed upon the form and format of the discovery plan and whether it will be gradually rolled out or mandated top-down style, you need to select a medium or media for dissemination of the information. Experience tells us that a multimedia approach works best, largely because diﬀerent people absorb information best in diﬀerent formats. You’ll want to have departmental meetings to reach out to key players. There, the DRP can be explained in a multimedia way (lecture, Microsoft PowerPoint, Q&A) and physical takeaways can be distributed. Webcasts as well as seemingly primitive communication mechanisms like poster boards in hallways of the legal department socializing the existence of a formal discovery response plan have shown themselves to be eﬀective instruments for “getting the message out.”

6.10. HARD COPY WITH INTRANET SUPPORT

Physical material, in the form of paper descriptors and worksheets, are recommended at least initially for team members. These can then be supported by information on the company intranet. In addition to forms and worksheets, the intranet could include a “quiz” on key points of the DRP that all employees with DRP responsibilities, no matter how minor, would have to “pass” to be an “accredited” team member. This type of “certiﬁcation” approach has been used by a few of our clients as a velvet hammer to create a culture of compliance around e-discovery practices. We created a laminated workﬂow chart for one client that was meant to be distributed to all lawyers and IT personnel that would have some

T H E DI S C O V E R Y R E S P O N S E P R O C E S S & P L A N

[ 87 ]

involvement with a discovery response eﬀort at some juncture. The idea was that they would pin it on their oﬃce/cubicle wall and use it as a guide to determine who does what to whom, and with what tools/technologies, when discovery kicks in. This was accompanied by a detailed plan with worksheets, process ﬂows, forms, etc., hosted on the company intranet. Both (or either) could be useful, and all is driven by company culture and the personal preferences of the individuals championing the discovery response planning eﬀort.

6.11. KEEP, START, STOP

Don’t let the troops come away with the impression that the discovery response plan is some impenetrable initiative devised by lawyers for lawyers. Instead, get their buy-in by modeling the DRP after other successful initiatives in the corporation that were focused on installing a new business process where humans need to keep doing certain things, stop doing some things they were doing, and start doing new things, as outlined in the business process. Good comparisons are the Sarbanes-Oxley compliance programs, workplace safety and health, antidiscrimination policies, and similar initiatives that employees can relate to. Not everyone needs to have access to the entire DRP. Of course your core team needs to have total access to the DRP. But as you go through the rest of the team, use a “need to know” ﬁlter to limit access to those who truly require it. On the company intranet, some people will only need limited access in order to play their part. Others require access to a high level view of the discovery response plan. The key is that, after initial implementation/rollout, to get to the “embedded” business process, there needs to be a constant iteration (trial and error) of the discovery response plan. If no one is using the plan, then it should be reengineered and represented in a format that will cause it to be used. If a company goes through a litigation readiness assessment and planning process, then does not regularly use the discovery response plan that results, it is potentially more damaging than never having a plan at all.

[ 88 ]

Litigation Readiness

C HAPTER 7

Establishing a Litigation Response Team

As you prepare for the inevitability of litigation and the challenge of meeting a request to produce documents, you should be thinking hard about your team. This is no time to play Al Davis and put together an Oakland Raiders version of a discovery response team (DRT). You don’t want castoﬀs, prima donnas, or talented but diﬃcult loners. You want to shoot for a squad that moves together seamlessly from step to step with as little drama and ﬂair as possible. Save the drama for the courtroom. In discovery, we want teamwork. Let’s talk about building your team. First, we think you should consider whether your organization is ready to get ahead of the discovery curve by appointing a discovery counsel to spearhead your e-discovery program.

7.01. DEFINING THE OFFICE OF DISCOVERY COUNSEL [A] The Benefits of the Discovery Counsel

We predict that, before too much more time has passed, a signiﬁcant number of companies will employ someone with the title “discovery counsel.” “Oh, no!” you say. “Not another layer of management!” But think back: In the early 1970s, there were no occupational safety and health managers. No environmental control oﬃcers. In fact, there were no information technology (IT) managers! But changing times dictate a new order within the corporate organizational chart. If a company experiences constant or frequent litigation and investigations, ultimately, the smart ones will rush to identify a hybrid legal resource with a blend of legal and

IT knowledge who can guide them safely through the rocky terrain of e-discovery. Many companies will begin to see the value of the Oﬃce of Discovery Counsel, whether that comes by force in failing to follow the Federal Rules of Civil Procedure or as a proactive, forward-thinking approach to discovery response. But as is the case with many good ideas, the idea itself may seem like a shining beacon with the actual implementation proving to be more elusive. The mandate of the discovery counsel is not unclaimed property. Both the legal and IT departments have traditionally staked their claim on either side of, what has traditionally been, the indeﬁnable gap between law and technology—service and technology selection. In order to truly achieve full and successful implementation, all departments touching law and technology must recognize the gaps in their processes that have an impact on litigation and compliance. And, those who understand the advantages of a single individual or department charged with closing the gaps will succeed.

[B] Liaison Status

In navigating both areas of focus, Legal and IT, the discovery counsel will function as a liaison with and between departments as well as between the company and e-discovery practitioners at outside law ﬁrms and e-discovery service providers to allow both legal and technical staﬀ members at the company to perform their roles with a greater sense of focus and purpose. The discovery counsel will coordinate with the legal department in order to develop or potentially redesign document management strategies and amend those strategies to ensure defensibility in court or with governmental entities. Additionally, the discovery counsel will assist in administering these strategies throughout the IT department and business units and will assist in revising the strategies as technological advancements require. By functioning as an intermediary, the discovery counsel will be able to ensure that the oft-ignored document management and information governance strategies created with the best of intentions remain valid and enforceable. The same holds true in the other regard. Upon the acquisition of technology, the discovery counsel can aid IT in understanding the legal parameters surrounding the use of the new IT investments and help recognize the eﬀect that the new assets will have on the overall discovery process. This will be extremely important when the company is required

[ 90 ]

Litigation Readiness

to participate in FRCP 26(f) “meet-and-confer” sessions. The discovery counsel will be able to help the legal department adjust meet-and-confer discussions to include information about the company’s technology assets in a context-sensitive manner.

[C] Key Team Leader

Outside of the liaison work performed by the discovery counsel, the person ﬁlling those shoes will function as a key leader for the company’s discovery response process. He or she will work internally to develop proper protocols within diﬀerent departments to ensure that the document ﬂow from creation to production to destruction follows best practices of both the legal and technological arenas. This work will likely be done in conjunction with a records management group. When litigation arises, this person will oversee and supervise the ﬂow of data to diﬀerent outside experts and counsel. With someone at the helm, it will be simpler to identify eﬃciencies or ineﬃciencies, create pools of documents that can be reused in similar matters, and implement other process improvements that can reduce the costs, risks, and time inherent in the e-discovery process. It will likely be the discovery counsel who identiﬁes and prepares the “person most knowledgeable” for 30(b)(6) depositions. Furthermore, when the services of an outside expert are required, the discovery counsel will manage the selection and supervision of these experts to maximize the eﬀectiveness of the discovery response process. By harnessing the “nexus between law and technology,” the adoption of the role of discovery counsel will enable a companys discovery response business process to run more eﬃciently and smoothly.

[D] Related Benefits of the Position

Other key beneﬁts to the company that implements or formalizes this position will be easily and quickly recognizable. Many companies already have a person or persons with a solid grasp on areas of law and technology. However, by identifying a person whose sole purpose is to focus on the “nexus” between the two, companies can ensure that the latest innovations in technology as well as the newest cases and statutes are incorporated into decisions about technology acquisition, conﬁguration and deployment. This will truly be the ﬁrst identiﬁed role whose sole purpose is the bridging of the legal and technological divide.

E S TA B L I S H I N G A L I T I G AT I O N R E S P O N S E T E A M

[ 91 ]

[E] Defining the Role of Discovery Response Manager

Whether or not you have an Oﬃce of Discovery Counsel, you will need a team leader from the legal department who is responsible for putting the overall litigation readiness initiative into action using the discovery response plan as the enabling instrument. The discovery response manager is this person and serves as a core member of the discovery response team. The discovery response manager supports the discovery counsel, and inhouse attorneys, legal specialists, and outside counsel handling litigations and investigations across all practice areas with discovery, including with the execution of defensible preservation steps and collection protocols. A job description for the role might look like this: •

• • •

• •

Serve as primary point of contact for IT, records management, and recipients of document hold notices on issues relating to discovery, including preservation and collection of electronic documents. Track issuance and withdrawal of and compliance with legal hold notices. Evaluate and manage discovery service providers involved in particular litigations and investigations. Collaborate with discovery counsel and other members of the discovery response team to ensure continuous improvement of processes for handling discovery, particularly electronic discovery. Collaborate with discovery counsel and IT to evaluate new technology that may reduce the cost and burden associated with electronic discovery. Support discovery counsel with developing and conducting training programs regarding the company’s discovery response program, compliance with document hold notices, and proper collection protocols.

In the absence of a discovery counsel, the discovery response manager is where the buck stops on all major issues related to e-discovery. With the rapid evolution occurring in discovery, this person needs to be proactive about keeping up with all aspects of the ﬁeld, from the latest technology that applies to discovery to recent judicial opinions that may alter the way the company should preserve, collect, and produce data.

7.02. BUILDING THE TEAM FROM THE GROUND UP [A] Obstacles to Building Your Team

As with any process that demands team building, creating a discovery response team can be fraught with challenges. Getting it launched can take

[ 92 ]

Litigation Readiness

some ﬁnesse. Consider that the core of this team will be representatives from departments who speak diﬀerent “languages” and whose goals are not necessarily the same. For example, the legal department looks to preserve data broadly to ensure legal compliance, while IT actively looks at options for data destruction or reduction. These objectives don’t necessarily match when legal hold obligations are in place. As such, the teams can and must be built around the common understanding and business needs of both of these business requirements. In order to make this happen, it’s critical to bring these disparate departments together during the early analysis and discovery response planning phases. During this early stage, each department should designate someone (or several people) who understands electronically stored information (ESI) and the implications of a demand for production of same. The interests and experience of each representative will diﬀer, but, ideally, they will quickly understand that together they have a common objective: to manage ESI for the beneﬁt of the company. Members from diverse departments can be added to the team as required. Depending on the company’s structure, individuals from records management and compliance may serve on the discovery response team, as can members from other key business units. External partners from outside counsel, key vendors, oﬀ-site data storage managers, and e-discovery consultants may also be added to the team for their knowledge around ESI.

7.03. THE RESPONSE TEAM PYRAMID [A] Office of Discovery Counsel

The composition of the team typically looks somewhat like a pyramid. At the very top, there’s a senior manager in the company who has responsibility for team oversight and process governance. Increasingly, we will ﬁnd that sophisticated organizations will move in the direction of an Oﬃce of Discovery Counsel that manages the overall DRP process. The chartering of a formal “oﬃce” lends credibility to the team’s goals and objectives. The manager leading this oﬃce does not need to be involved on a daily or even weekly basis, but should receive regular reports, ask questions, and give feedback. This individual should review the execution of the discovery response plan on a regular basis and recommend adjustments if the company’s litigation portfolio changes. Beneath the senior manager on the pyramid lies a two-tiered discovery response team—strategic and tactical. The strategic group provides highlevel governance (in conjunction with the senior manager) and oversight and helps set direction. The tactical unit serves as the workhorse of the

E S TA B L I S H I N G A L I T I G AT I O N R E S P O N S E T E A M

[ 93 ]

discovery response eﬀort. This unit, which may meet daily if events dictate, handles the nuts and bolts of discovery response. The team also gets direction from, and provides feedback to, the strategic group. This group may need staﬀ support as ESI production demands increase, thus requiring the company to shift staﬀ responsibilities or hire new personnel. Ultimately, these two units will develop processes that beneﬁt the company, not only for e-discovery response, but also in other areas that require repeatable, defensible policies and systems. In the end, having a formal, established discovery response team will bring together competencies that beneﬁt the entire company. This will result in a win-win for any company confronted by ongoing litigation or regulatory oversight. Each team member’s contributions will be validated by collaborating and working together to win the e-discovery battle.

7.04. TEAM STRUCTURES AND CONSTITUENCIES

The core e-discovery response team should consist of: • • • • •

law ﬁrm representative; corporate legal department representative; Information Technology (IT) representative; records management representative; e-discovery services provider(s).

The core e-discovery response team is ideally composed of key members from the legal, IT, records management, and (sometimes) compliance departments. To this core of insiders, you will likely add outside counsel and a service provider with the ability to provide expert support throughout the discovery response process. You’ll need a point person, either someone so designated from the legal department or, if you’re so inclined, a discovery counsel with expertise in legal and IT matters.

7.05. BE SPECIFIC

It’s the discovery response team that is on point for implementation of the discovery response plan and is critical to ensuring success across the full spectrum of legal matters. For each of the core team members, the job description should include speciﬁc discovery response plan responsibilities and clearly deﬁned objectives for their participation in the discovery process.

[ 94 ]

Litigation Readiness

Others will be added as you create subteams to work on speciﬁc steps in the discovery response plan. Your core team should be engaged in every aspect of the process, with regular updates from the subteams (frequency depending upon the nature of the matter) and scheduled core team meetings so that core members can brieﬂy touch base on the status of speciﬁc matters.

7.06. KEY STEPS FOR BUILDING YOUR TEAM

The key steps to building an eﬀective discovery response team include the following. •

•

•

•

Establish a team charter. This is a formal process that should address the team’s mandate, goals, and objectives. It should deﬁne the elements of the team itself, and it should specify the resources the team will require. Identify the departments and people. The discovery response team should represent an interdepartmental mix of legal and technology experts who understand both the strategic and tactical requirements for defensible e-discovery response. The identiﬁcation process should start with the legal and IT departments, and then expand as needed. Prepare the organization for change in the management of ESI. E-discovery response planning is, by deﬁnition, a change initiative. The discovery response team members are change agents, and their stewardship of change must be sanctioned by the company. This acceptance must ﬁrst occur at the executive level and then ﬁlter down throughout the company. Determine the team’s tasks and workﬂow. Establish a process and workﬂow that will ensure collaboration and eﬀective communication across the discovery response team members, as well as with external parties that may be involved in the e-discovery process, such as outside counsel and third-party service providers.

7.07. WHAT DOES A CHARTER LOOK LIKE?

Team charters can vary depending upon the situation to which the team is responding. Two examples of charters: 1. The discovery response team (DRT) is an interdepartmental work team that responds to the company’s discovery demands during each

E S TA B L I S H I N G A L I T I G AT I O N R E S P O N S E T E A M

[ 95 ]

phase of discovery. The DRT functions as the central hub for discovery response and provides a framework for the legal, IT, and compliance experts, business units, outside counsel, and third-party vendors to succeed in the company’s discovery eﬀorts. 2. The discovery response team works closely with the legal department to respond to the company’s discovery demands. The DRT is responsible for supporting the legal department in its obligation to preserve, collect, and produce electronic evidence as it relates to the company’s business demands associated with discovery.

7.08. HOW E-DISCOVERY IS CHANGING THE LANDSCAPE [A] Job-Producing Engine

Just as the Oﬃce of Discovery Counsel has emerged from the corporate imperative to master e-discovery, so are other new positions cropping up at organizations that want to make sure someone is responsible for discoveryrelated outcomes. For instance, in records management and IT departments, we are starting to ﬁnd such roles as information governance manager, chief knowledge oﬃcer, chief data oﬃcer, e-discovery manager, evidence collection specialist, and other positions alongside the more traditional IT and records management roles. These people represent the type of expertise that you’ll want on your discovery response team. Some may play secondary roles, but their input will be invaluable once they are further integrated into the newly established, proactive discovery culture.

[B] Tasks and Workflow

As discussed in Chapter 5, a complex team initiative such as responding to a request to produce documents requires detailed scheduling of tasks and tracking of workﬂow. Because the various steps in the DRP process tend to overlap, departmental and team ﬂowcharts and work-progress spreadsheets need to be carefully maintained and coordinated by the discovery response team to ensure smooth transitions and a successful outcome. For example, because of the potentially disruptive nature of legal holds to a company’s order of business, all legal holds must be carefully tracked and lifted or adjusted in a timely and appropriate fashion.

[ 96 ]

Litigation Readiness

[C] Change and the Discovery Response Team

A dynamic discovery response team, whose members are valued by senior management, can quickly ingratiate itself in an organization. The cost eﬀectiveness of a highly functioning discovery response team should show up quickly on the bottom line, as litigation outcomes improve and the traditional fear and chaos surrounding discovery in major litigation or investigation subsides and discovery response becomes “business as usual.” This will require senior management to not only support the team, but to broadcast its successes to the rest of the organization. The result will be that employees not directly involved in litigation or investigation will begin to understand that they can nonetheless have an impact on such matters simply by the way they conduct themselves on a day-in, day-out basis at work. They will want to support the team because everyone wants to support a winner—especially when the “wins” can lead to better ﬁnancial performance for the company through lower risk, better outcomes, and more-eﬃcient processes. Once you have your discovery response team in place, you are ready to put your discovery response plan into action.

E S TA B L I S H I N G A L I T I G AT I O N R E S P O N S E T E A M

[ 97 ]

C HAPTER 8

Implementation of the Litigation Readiness Program

O

nce you have your discovery response team in place, it’s time to communicate this new initiative to the rest of the company. Think of this as a major marketing and sales campaign. You’ll want to have all of the elements that mark a new product launch: the unveiling event; a multilayered rollout campaign designed to reinforce and expand upon the message communicated at the launch event and possibly a regularly scheduled marketing program that reinforces the initiative throughout the company. Things such as news updates are very powerful instruments as litigation readiness takes hold and becomes a living entity within the company- one that can make or break careers, contributes to the bottom line, and evolves into a signiﬁcant element of the company culture. Note: Some comments added for dramatic eﬀect!

8.01. CONSTITUENCIES AND TAKEAWAYS [A] Catch the Litigation Readiness Buzz

Even before you oﬃcially unveil the initiative to the troops, there will likely be a buzz of some magnitude already. You team members will have discussed it around the water cooler. If all has proceeded well, they will be excited about being a key player in this new program. And they will be a little worried about the risks faced by companies that are unprepared for discovery. Remember, these team members are your ambassadors to the rest of the company. You’ll want to keep tabs on their level of understanding of their role and, more important, ensure their continued enthusiasm for the task ahead.

You don’t want to wait too long before formally taking the wraps oﬀ your new commitment to litigation readiness. You also don’t want to plunge ahead without a thoughtful plan for marketing the initiative to the troops. Although the process of truly engaging everyone in this campaign will take time, getting the program oﬀ on the right foot will shorten that timeline.

8.02. CRITICAL TEAM TAKEAWAYS

Now that you’ve introduced your core team to the concept of litigation readiness, you need to send each player back to their direct reports, managers and peers with a set of takeaways. To review, your key constituencies include: a) b) c) d) e) f) g) h) i)

in-house counsel; in-house legal support; information technology (IT); records management; risk management; compliance; ﬁnance; lines of business; outside counsel.

Each core team member will have takeaways to impart to their direct reports and administrative managers and peers that are unique to their function in the organization. Generally, these takeaways will fall into one of the three following categories: Documentation of elements of e-discovery: Throughout the company, wherever electronic data is being created, shared, stored, or destroyed, elements of the discovery process are occurring. The process of collecting electronically stored information (ESI) in discovery involves steps that can, and must, be documented. In most companies that are just becoming familiar with the challenges of e-discovery (electronic discovery), these elements were generally unseen and certainly not documented. Example: At exactly what point did someone in the company become aware that litigation, or an investigation, would likely take place? For many reasons, this needs to be documented. All too often, it isn’t.

I M P L E M E N TAT I O N OF T H E L I T I G AT I O N R E A DI N E S S P R O G R A M

[ 99 ]

Changing traditional behavior: When a company commits to becoming litigation ready, it has committed to changing its traditional ways of operation. Members of every department of the company will have to learn new ways of managing data; the old ways will soon be seen as “risky behavior.” Example: When an employee leaves, many companies historically wiped the departed employee’s hard drives clean, erased any phone messages that might have been in the system, and recirculated their IT assets to other employees. No more. Now, when an employee, especially a key manager or someone who manages sensitive data, leaves, their electronic material must be preserved until it can be reviewed and a determination of its disposition can be made. One of the good news/bad news scenarios in this regard has been that companies have feared sanction from destruction of potentially relevant documents. As such, they tend to save everything—especially because the cost of storage has dramatically declined over the years. The problem with this is that the cost of storage is dwarfed by the cost of discovery of a larger volume of irrelevant documents. So, when an employee leaves, these days, it is more likely than not that their data is kept - again, good news/bad news. Some new processes completely unfamiliar to the workforce are going to be introduced: Here it is: The Fear of the Unknown. We’re going to discuss this takeaway in some detail, because when you market this initiative internally, this is one sale you’ll want to be sure to close.

8.03. THE UNKNOWN: KEY TO MASTERING THE INEVITABLE [A] Accept and Comply

Documenting the activities that deﬁne a discovery response plan (DRP), doing something diﬀerently to adjust to the new rules of e-discovery— these are things that any employee can understand and learn. As well, a manager can objectively evaluate his or her direct reports as to their behavior with these two types of actions. The third piece of the litigation readiness equation—acceptance and compliance with new processes—is more diﬃcult to quantify and to evaluate. This is one of those areas in which employees essentially are deciding whether or not they ﬁt into the new matrix that the company will invoke once it is litigation ready. It is the responsibility of management to recognize who is on board and who isn’t, and to set a timeframe in which people must come on board.

[ 100 ]

Litigation Readiness

[B] Mastering the Legal Hold Notice

To demonstrate the hurdles that those within the company will face as they seek mastery of this new discipline, let’s look at a process that will be new to many within the company because of the e-discovery requirements imposed upon the process. When e-discovery is triggered by a new case or investigation, there is an immediate obligation to preserve data that is (or may be) responsive to the issue. This means not only preventing data from being deleted, but also from being altered in a way that obscures its original form. The ﬁrst step toward meeting that obligation is for the legal department to write and disseminate a legal hold notice. 1) Creating the Legal Hold Notice The legal department serves as the point guard for this activity. An attorney responsible for the matter, with input from managers and employees directly impacted by the issue gathers to compose the legal hold notice. This group determines: •

•

• •

What the notice says—keep it simple, clear, and “legal,” and don’t make things worse by subjectively discussing the matter in the legal hold notice. Who should receive it—i.e., the “owners” of the relevant data, which would include business managers, information technology (IT), records management, and perhaps other department heads. How it should be communicated—written? email? personally delivered? What the follow-up to communication should be—not whether someone responds, but how quickly they need to acknowledge receipt of the legal hold notice and in what format they should respond (email, telephone, etc.).

2) Does Your Legal Hold Have Teeth? Even if your company is somewhat familiar with the concept of the legal hold notice in the world of paper documents, our experience suggests that going forward this should be viewed as a new process. Many companies have unwittingly put themselves at considerable risk in the age of ESI because of their mishandling of the legal hold. Far too often, someone in the legal department hastily crafts a notice, emails it out to a list of

I M P L E M E N TAT I O N OF T H E L I T I G AT I O N R E A DI N E S S P R O G R A M

[ 101 ]

recipients, then goes back to business as usual. There’s no follow-up to determine if everyone on the list read the message, no clear way to know if the hold is being adhered to or not. This toothless legal hold can lead to disaster quite early in discovery, if the other party ﬁnds that the notice was ignored and the data no longer exists in the proper form. The legal hold notice must be acknowledged by everyone who receives it. There has to be a process in place in which recipients respond in a certain way within a certain timeframe. The response should clearly state that the recipient has received the notice and understands the obligations the hold implies. If that response isn’t forthcoming, it is incumbent upon the legal department to follow up until the right response is received and documented. 3) Preserving the Data: Need for Immediate Collection Once the hold is issued there must be transparency as to how each recipient is managing the hold. Has the recipient communicated the particulars of the hold to the rest of the department? Has every recipient acknowledged the hold in a proactive way? The legal department needs to be on top of this and to document each step along the way. In some instances, preservation and collection of essential data may have to be nearly simultaneous—another major departure from the “old” chain of events around legal hold notices. If there are key individuals whose data is clearly relevant to the matter at hand, a more aggressive approach to preservation and collection may be needed. You don’t want someone deleting relevant ESI. Nor do you want to ﬁnd that, when you come to collect the data weeks or months later, certain employees have left the company, perhaps taking with them data that should remain within your system. These cases may dictate immediate preservation and collection. 4) Mastering the New Best Practices Your department managers need to be aware of these types of situations so they can proactively assist the legal department to implement best practices in the management of relevant data. In the old days of paying lip service only to a legal hold notice, these individuals were not evaluated on their ability to manage the legal hold process. Now, they will be. They need to understand that they could be responsible for tracking dozens of legal holds that overlap one another. Thus, their job description will change. There will be new responsibilities related to the legal hold notice, to discovery response, and to litigation readiness in general.

[ 102 ]

Litigation Readiness

You don’t want to spring the news on them in the breach. This communication of new roles and responsibilities related to new processes has to take place during the marketing of litigation readiness to the organization.

8.04. MARKETING THE PROGRAM [A] Crafting Communications

You want to approach the marketing of litigation readiness as though it were a signiﬁcant new product, almost a bet-the-company initiative. Instead of selling it to the public, your target audience is an internal one. So get your marketing and communications teams together, have them meet with your core litigation readiness team, and start crafting the messages. Remember: The most important litigation readiness sales person in the company is the general counsel (GC). She or he is your ﬁrst “customer/ evangelist” for this sales campaign. The GC should be the face of litigation readiness messaging. Make sure your boss is on board and excited (not just willing) about galvanizing everyone else to join this crusade. If you try to push forward without senior management buy-in, the likelihood of achieving compliance through best practices will be remote.

[B] The Sales Pitch

You’re selling this product to your employees. What’s in it for them? Some things to consider: 1. This is a compliance issue. You want to instill a bit of fear (but not too much) into the troops. They need to be clear about the urgency of achieving compliance across all departments. Explain that, just like equal employment, occupational safety, and workplace harassment initiatives, this one too, carries heavy consequences for the company if compliance is not reached. Combine the “fear” messaging with a message that says that your company has high integrity and wants to fulﬁll any and all obligations imposed internally or externally. Company pride and ego are powerful motivators. A compliance culture in the beginning of the second decade of the new millennium will certainly be relevant. 2. People want to be on a winning team. After using the compliance hammer on the workforce, you can switch gears and appeal to the universal desire to be identiﬁed with a winner. In your messaging, emphasize that the team’s mastery of this new initiative oﬀers the company a

I M P L E M E N TAT I O N OF T H E L I T I G AT I O N R E A DI N E S S P R O G R A M

[ 103 ]

distinct competitive edge over other companys who don’t understand this, and will ensure that the company can play as a peer with competitors who have already adopted litigation readiness as a core competency. Indicate that those who are on board early will be rewarded. 3. People want to enhance their workplace skill set. Those who understand and master the process have earned a resume builder. Make sure they know their reviews will include an evaluation of their DRP activities. 4. No one person (except the discovery response manager and the discovery counsel, if one exists) has to master the entire process. There will be speciﬁc responsibilities delegated, but nothing that a good employee can’t manage. This is a team eﬀort; if everyone understands and plays their part, the company will master the initiative.

8.05. THE LAYERS OF THE LITIGATION READINESS ONION

Now you’re ready to craft the collateral that will spread the good news about litigation readiness. Some rules for initial messaging: 1) Make it consistent. The basic message should be simple, straightforward, and able to be communicated across many communications platforms. 2) Make it layered. Like an onion, you want this one to have a basic central message (elevator pitch); a slightly richer one for brochures, the e-newsletter, perhaps an introductory video starring your GC, and a basic block on your intranet; more detailed print format for department heads as they meet with their direct reports to explain roles and responsibilities; and a very descriptive message on the intranet or available as a downloadable document and/or hard copy format for critical team members. Think of the layers as need-to-know, then separate your workforce up into appropriate need-to-know categories and craft messages for each one. 3) Make it readily available. Just giving a pep talk at a company-wide meeting and posting a document on the intranet won’t get it done. This is serious business that will impact everyone. You have to get the message out to where people go for their information. And you need to make sure everyone has at least seen the message. For instance, if you have sales people out on the road, you need to email relevant pieces to them and request acknowledgement. Give extra thought to how you’ll communicate to the folks in the non-U.S. subsidiaries (or in some cases, parent company), some of whom may not speak English ﬂuently or

[ 104 ]

Litigation Readiness

have any advance knowledge about discovery. You have to know that they have read and understood the information. This is an excellent place to start documenting the process. 4) Make it come alive. Examples! Examples! Examples! They can range from quick hitters (“Last year, company X had to settle a major lawsuit on unfavorable terms because they did not properly fulﬁll their preservation obligations”) to more lengthy anecdotes that illustrate the dangers of an out-of-control electronically stored information ecosystem. You are educating your workforce, but you don’t want to put them to sleep. You can lace your messages with factoids (“Our volume of electronically stored information has grown 100-fold in the last two years”), charts, and graphs. Remember, everyone absorbs information in a different way. It is imperative that the right-brain and left-brain thinkers are both served by your messaging.

8.06. THE LITIGATION READINESS LAUNCH

Once you have your communications collateral ready to go, you need to consider the launch. What works best in your organizational culture? A serious, deliberate, step-by-step rollout? Company-wide meeting, or department by department? Is this important enough to take people oﬀsite for the day, let them break up into groups after a general session, then come back with comments and questions? Perhaps yours is a culture in which a little fun and excitement for the launch might get more immediate buy-in. If so, go crazy—call it a launch party! Pick a theme (cruise ship or Mission to Mars), play some upbeat music, hand out hats and T-shirts, split up into teams and make a competitive game of it. You know your culture best. You need to launch this on a positive note. Plan this piece carefully. The key is that the plan should be actionable. This happens when everyone leaves a launch with explanatory materials, aware of the resources that are available so that they can learn more about their role in this critical initiative.

8.07. ORBITING AROUND THE INITIATIVE

After the excitement of the launch has subsided, it’s time to roll out a scheduled campaign to revisit the issue department by department. Reiteration of the message is crucial to embedding the litigation readiness discipline within the company.

I M P L E M E N TAT I O N OF T H E L I T I G AT I O N R E A DI N E S S P R O G R A M

[ 105 ]

The core DRP team should set the tone with mandatory weekly meetings for at least the ﬁrst few months. These key players must quickly demonstrate complete mastery of their roles and responsibilities vis-à-vis the DRP, not the least of which is their function as ambassador to the rest of the company.

8.08. KEEPING THE INITIATIVE IN THE NEWS

For those departments like IT and records management, you’ll want your managers to have frequent discussions with their direct reports, managers, and peers about the initiative. These can range from one-on-one meetings to full department staﬀ meetings. For the ﬁrst few months, these may occur on a weekly basis, as your managers need to be certain the message is clear and roles and responsibilities are understood. Senior management should test the level of understanding of the workforce through occasional focus groups. Participants may vary according to what you’re trying to learn. Example: Some focus groups representing key functions like IT and records management may include only representatives of those departments. A more general sampling of the workforce’s level of understanding can be gauged from a focus group with individuals randomly selected across all departments. Meanwhile, you’ll want to discuss the DRP and any news around it (promotions, new hires, creation of the Oﬃce of Discovery Counsel) in company publications. 8.09. LITIGATION READINESS AS CORPORATE CHANGE AGENT [A] A Package of Change

Perhaps your decision to embrace litigation readiness is part of a larger corporate self-examination. As part of an overall agenda for change, litigation readiness becomes less threatening. It is one element in a companywide transformation designed to reinvigorate a company that has begun to drift or, worse, to sink. It’s much easier to market litigation readiness as part of a package of change.

[B] Goes Well with Reinvention

On the other hand, for a company that has not been prepared for e-discovery, litigation readiness is an unknown initiative. Most change initiatives are

[ 106 ]

Litigation Readiness

variations on an existing theme. You don’t want employees to underestimate the impact litigation readiness will have across all departments. It requires extra attention even if it is part of a larger change initiative. However, if senior management is reinventing the company (sometimes due to a merger or acquisition), there’s certainly no better initiative to focus people’s attention on than litigation readiness. Let’s look more closely at how litigation readiness changes a culture. Correctly implemented, it transforms a company from one that ﬂails from one lawsuit or investigation to the next into a ﬁghting machine ready to take on all comers. Its guiding principle is mastery of a heretofore unknown discipline that will make the company healthier and more proﬁtable. Why not make it the centerpiece of a transformational agenda?

8.10. COMMUNICATING THE OUTCOMES OF LITIGATION READINESS [A] Sharing Outcomes

Once the litigation readiness initiative has been rolled out across the company and all hands are familiar with the discovery response plan, the iterative retriggering of the discovery response plan will begin to produce measurable outcomes. Question: Do you share these with others outside the core DRP team? Here are some considerations to weigh: •

•

•

Are outcomes of other “new” initiatives shared regularly? Example: Many companies share workplace safety data with the workforce in an attempt to keep attention focused on it. Data on the eﬀectiveness of environmental controls is often reported to employees. Total quality management (TQM) results were routinely reported when that initiative was in its infancy (and gains were substantial). What would be the objective of sharing results or reporting significant DRP “wins”? This seems elementary—you’ve just taken everyone through an arduous learning process, they want to know if it was worth it. Will the legal department let it happen? The legal department isn’t known for reporting outcomes on any sort of regular basis to the rest of the company. Maybe this is a good time to change that behavior. Reporting good news about this initiative will bolster the legal department’s standing within the company and begin to chip away at its

I M P L E M E N TAT I O N OF T H E L I T I G AT I O N R E A DI N E S S P R O G R A M

[ 107 ]

reputation as a bastion where only the privileged (or troubled) have access. We would recommend that outcomes and in particular successfully resolved matters be shared with other stakeholders. You’ve engaged everyone in the process. Let them know how it’s going. If they are truly on board, they will want to see it succeed.

[ 108 ]

Litigation Readiness

C HAPTER 9

Embedding the Program

9.01. GUIDING PRINCIPLES TO EMBED THE INITIATIVE

By this point, you should be convinced of the advisability of equipping your company for legal battle with a sophisticated discovery response plan. But how do you sell the program to the decision-makers within? How do you convince your senior management team, the board, and, of course, the stakeholders throughout your company who will be involved in the process, that this is a matter of utmost urgency?

9.02. DON’T REINVENT THE INVENTED

Despite what you may believe, this is hardly uncharted territory. We have emphasized the inevitability of litigation readiness. But companies have faced many such challenges in relatively recent times. It will be helpful to realize that companies have been adopting and embedding similar initiatives on a regular basis. Some examples of “new” initiatives that we now scarcely think twice about include: • • • • •

occupational safety and health policies; environmental controls; total quality management (TQM); employee grievance process; nondiscrimination policies.

All these initiatives involved potential liability for the company in one way or another. All had critical legal components that helped spur their adoption. The diﬀerence with litigation readiness is that, instead of the

legal department being involved in the implementation of a new policy, as legal departments were in the cases cited above, this time, the legal department is at the very epicenter of the action. The legal department is telling the company, “We need this initiative so the legal department can provide the best possible risk management services to the entire company.”

9.03. SELLING LITIGATION READINESS: CONSENSUS, NOT COMMAND

The legal department must spearhead the embedding of litigation readiness, and it must lead a team that will receive the complete respect and support of senior management. For without senior management’s imprimatur on the initiative, you won’t be able to sell it up (to the board) or down (to everyone else). Remember, we’re not looking for a command-and-control implementation. You can’t ram litigation readiness down anyone’s throat. It’s too easy for one or two key players to disrupt the process. We’re seeking control through collaboration not command and control. Consensus is crucial to our successful implementation, to embedding litigation readiness into the corporate culture, just as has been done with all the other initiatives mentioned above. “Selling” litigation readiness to senior management should be approached as a high-level sales job. This is not the time for an informal chat with key executives (although a few of those are advisable as you prepare for your oﬃcial presentation – executives hate surprises). This is a full-court-press eﬀort to likely save the company a lot of money over time, to completely change the way the company views a certain piece of its culture and daily activity. The trappings must be impressive for a presentation of this magnitude. You’ll want the executive conference room, all the equipment necessary for your elaborate Microsoft PowerPoint presentation, a detailed agenda, and plenty of time for a full presentation and a lengthy question-and-answer period. This meeting is a signiﬁcant investment in the company’s future. Don’t cut corners when you unveil it to the people who are critical to the initiative’s success (even if it means twisting a few arms or calling in a few favors to get senior-level participation for a lengthy meeting!).

9.04. YOUR STUDIO AUDIENCE INCLUDES . . .

First, you must select your audience strategically. You don’t want too many senior people at the table—but you don’t want to leave out any key players. You don’t want the entire board of directors—but the board chair or perhaps head of the audit committee ought to be there. Remember, this

[ 110 ]

Litigation Readiness

is a several-part sales job. You’re going to sell it to your key executives. They will then go out and sell it to their constituencies. The CEO or general counsel is an obvious choice. Don’t have the meeting without one of these players. You must insist upon their presence, and be prepared to schedule and reschedule around their timetable. If there seems to be some reluctance on their part to participate, it’s time to sit down and have a little one-on-one chat about the urgency of executive approval for the initiative. The board chair should be in the audience because it’s the chair’s job, along with the CEO, to present to the full board. This presentation should be as a fait accompli; you don’t want the full board debating litigation readiness endlessly. In fact, there may be no debate whatsoever. In a best-case scenario, the board chair and CEO will simply report to the full board that the organization is now armed with a discovery response plan (DRP) that will a lot of money over time, reduce risk in litigation, and allow the legal department to do its very best work. Period, end of report. How about department heads? The folks who are most likely to come over to your way of thinking (if they aren’t there already) are those involved in records management, information management, and ﬁnance. Winning these executives over is vital. They are the ones whose departments will be most impacted by litigation readiness. And they are the ones who can already see (or can be made to see) how a lack of preparation has taken a toll on their turf.

9.05. OTHERS AT THE TABLE

You probably want the senior human resources executive at the presentation. Any time there’s a major shift in the wind, the human resources department (HR) needs to be there. While the impact of a DRP on HR won’t be obvious or dramatic, there will be implications, from hiring new personnel or educating existing personnel as to the ramiﬁcations of multiple legal holds or simply employee complaints about something they don’t understand. Don’t be afraid to include a skeptic or two (but not four!) in the crowd. Perhaps you’ve gleaned that the operations department isn’t wild about something that it views as causing yet more disruptions to its activities. It won’t hurt to have someone raising “tough” questions—as long as you’ve discussed DRP with the skeptic(s) ahead of time and know the answers to the questions you’re sure they’re going to raise. This actually lends further credence to the presentation and the embedding process going forward, since the chief skeptics have had their say and their concerns have been addressed. (Make sure they are addressed!)

E M B E DDI N G T H E P R O G R A M

[ 111 ]

9.06. KEY POINTS TO COMMUNICATE

Iteration, not Big Bang. Do not try to internally market litigation readiness as a special elixir that will somehow transform the company overnight. If you focus on a previous initiative like total quality management (one we like very much), you’ll get the marketing plan right. The beauty of litigation readiness is that its key steps can be repeated every time you face the challenge of electronic discovery (e-discovery). You want to promote the iterative possibilities—no, the certainties—of litigation readiness, not some Big Bang impact that the process can’t live up to in the short run. The process can be measured. Metrics is perhaps the biggest organizational buzzword to come along in quite some time. Metrics are a huge selling point for the leaders of any company right now. Surprise: It actually applies in the case of litigation readiness. These types of metric systems can evaluate your company’s DRP process going forward so that, as with TQM, you can begin to reﬁne the process for even better outcomes. You don’t have to fall back on the argument that your team’s collective gut tells you this is the right thing to do. Your presentation should include plenty of materials demonstrating the metrics associated with litigation readiness. If you have had a readiness assessment performed (a valuable exercise to undertake), and received the expected dismal scores, this is a good time to share them as the basis for the new program. Your gut veriﬁes the urgency of adopting and embedding the process. Once you’ve made the case that the DRP process is iterative and measurable, then you can appeal to the managerial instincts that tell you this is the right thing to do. This is an argument you should be able to deliver by now with passion and clarity. You can again refer to your readiness evaluation, demonstrating the urgency of this situation. But more important to your presentation is to impart your sense that, having fully examined your organizational needs and the advantages of DRP, you cannot in good conscience proceed without a litigation readiness plan in place. You know the risks; your gut urges you to act immediately to address those risks.

9.07. FOLLOW-UP TO THE BIG SHOW

The conclusion of your presentation must include assigning tasks to those present. Of course, really the only task any of them has is to go out and sell litigation readiness to their constituents. You may not want to put the assignments quite that bluntly. But each person must understand to whom they will

[ 112 ]

Litigation Readiness

market the initiative, the timeline for the internal sales eﬀort, and what the next steps are for the executive team as they seek to embed litigation readiness into the company’s culture. CEO: The CEO’s ﬁrst task is to team up with the board chair and extol the virtues of litigation readiness to the board. You’ll want your general counsel (GC) there for the presentation. Because of the complexities of this initiative, we strongly advise that this be presented as something that will happen, not something that the board must approve. Think again of TQM: Do you think General Motors’ board had to sign oﬀ on it? Not very likely. This is the sort of thing the board expects management to handle. But the board does need to know about it, because board members will be hearing about it down the road as it begins to shape the company’s legal endeavors. It’s also the kind of initiative a board member can take pride in, because it demonstrates that the troops are determined to be at the forefront of trends in business. The CEO is also the ideal person to personally endorse the litigation readiness initiative across many platforms within the company. Among the opportunities: • • • •

Emails about it should go out under her email address. She should mention it in the company’s e-newsletter and annual report to shareholders. She should present it, along with the GC, at executive committee meetings and at the next executive retreat. The CEO should meet soon after your presentation with the full legal department, including outside counsel, to enthusiastically endorse this new direction. (You will brief the CEO in depth prior to this meeting.)

The more direct involvement you can get from the CEO, the more quickly litigation readiness will become a way of doing business. Board chair: The board chair delivers the great news to the full board, with the CEO and GC, that a litigation readiness process will be implemented throughout the company. GC: The general counsel is the head cheerleader for the implementation and embedding of litigation readiness. The speciﬁc post-executive-teammeeting role here is three-fold: 1. Meet with legal department for in-depth discussion of the DRP. Roles assigned within department, expectations clariﬁed, chain of command designated. Everyone in the department must be a fervent advocate for implementing the process.

E M B E DDI N G T H E P R O G R A M

[ 113 ]

2. Meet with outside counsel and outside counsel’s support staﬀ for in-depth discussion of the DRP. Roles assigned. 3. Meet with all department heads to explain the DRP, expectations for each department, and likely impacts departments may experience apart from the direct input that will be expected of them. Department heads: Department heads are responsible for explaining the initiative to direct reports and assigning roles if necessary. Special attention should be given to legal holds and their potential impact on the department.

9.08. HAS LITIGATION READINESS EMBEDDING OCCURRED?

For an initiative to be truly embedded within the corporate culture, it should be almost invisible. The steps involved should be automatic; the phrase “litigation readiness” is no longer met with a quizzical expression anywhere within the company. Achieving this level of embedding may take years. That’s not what we’re looking for here; at least not initially. Rather, we are looking for a continuum that suggests people understand what it is, why it is important, and what their role in the process is. Evidence that litigation readiness is being integrated into the organization’s daily activities would include: • •

• •

• •

A systematic analysis of the outcomes of litigation and investigations that includes a review of the DRP’s role in the outcomes. The regular sharing of the results of this analysis with key managers with the objective being to consistently work to improve outcomes. An acceptance and understanding of the signiﬁcance of a legal hold. Acknowledgement by employees in general that electronic documents they create, forward, reply to, or delete can have long-term ramiﬁcations when litigation arises. Acceptance by key managers that things like content mapping are vital to the healthy functioning of the company. Acknowledgement by the information management and human resources departments that knowing where electronic documents reside is just as important than trying to control what employees do with electronic data.

[ 114 ]

Litigation Readiness

9.09. THE TIPPING POINT

This is not an exhaustive list by any means. The pre-DRP readiness level of the organization will inﬂuence the factors that indicate the level of embeddedness achievable by the initiative. If the DRP is rigorously applied by the legal department, acceptance across the organization won’t be diﬃcult to achieve. At some tipping point, it will become “fashionable” to be part of the DRP process. That’s when you will know the battle has been won.

9.10. PUTTING THE PLAN INTO ACTION

Let’s look at an example of how the discovery response plan unfolds once an adverse action has been initiated. The “meet-and-confer” conference for electronic discovery has moved from a nice-to-have to a requirement under Federal Rule of Civil Procedure 26(f). Crucial negotiations involving the scope of discovery now take place in the meet-and-confer conference. The unprepared legal team can sustain serious damage during this conference. Meanwhile, the Federal Rules are becoming much more speciﬁc about how these conferences are to be conducted and what outcomes are expected of them. A major component of preparing for a 26(f) meet-and-confer conference is a “map” of the litigant’s electronically stored information (ESI) content: where it is, what it is, how to preserve it, how to collect it, etc. This defensive requirement can be turned into a strategic advantage when counsel is well informed as to the location and nature of the ESI, as well as the costs necessary to produce it.

9.11. STEPS TO 26(F) SUCCESS

Clients can prepare for the FRCP Rule 26(f) conference by developing an understanding of the following: •

•

Preservation processes: How are legal holds enforced and documented? Have preservation obligations for the matter been met? What voluntary disclosures are required as part of the 26(f)? Content repository analysis: What data repositories contain potentially responsive electronically stored information (ESI)? How accessible

E M B E DDI N G T H E P R O G R A M

[ 115 ]

•

•

•

•

are they? What systems are in place for identifying potentially relevant content? Total cost of e-discovery analysis: What is the likely total cost of e-discovery for the matter? What resources will be required to respond to potential discovery requests? Accessibility analysis: Where does ESI exist within the company? How accessible is the data for discovery? What are the areas of greatest potential undue burden or cost? What is the basis for arguments, if available, to claim inaccessibility due to undue burden or cost? Collection methodologies: What are the available collection protocols as they relate to existing computer systems? Which approaches are best, both in terms of cost and defensibility, for the matter at hand? What documentation exists to demonstrate reasonable design of the process? Production format recommendations: What are the diﬀerent methods of production that are likely to be pertinent to the case? Which ones can the company best support?

Following is a step-by-step breakdown of how the DRP is applied to the meet-and-confer conference. Step 1: Complaint Served • •

Document the date complaint was received Identify potentially relevant custodians and data repositories Step 2: Litigation Hold/Preservation Process

• • • • • •

Information technology (IT), legal, and records management staﬀ meet and discuss legal hold approach Issue legal hold notice to all custodians, including IT stewards of relevant data repositories Reconﬁrm that all appropriate destruction policies have been suspended Identify IT owner for evidence preservation eﬀort (aka person most knowledgeable) Meet with key custodians to ensure compliance with legal hold Collect and preserve potentially relevant evidence (in place or in secure evidence repository) Step 3: Early Case Planning

•

Gather existing documentation and assign tasks for mandatory disclosure

[ 116 ]

Litigation Readiness

• • •

Collect and review subset of key custodians/types Test search term, sampling, and other culling custodian strategies Extrapolate ﬁndings to determine potential costs and timeline implications of your strategies and for those requests that may be presented at the meet-and-confer Step 4: Early Discussions

•

• • •

Formulate a cost-eﬀective yet fair scope of discovery: • Number of relevant custodians • File types and locations • Accessible versus inaccessible ESI • Format of production • Reasonable timeframe Create a record of actions and decisions taken in good faith Maximize cost-shifting opportunities Solidify preservation, privilege, and reduction strategies Step 5: The Initial Meeting

•

• • •

Bring with you: • Content map • Budgeting information • All backup documentation • Expert who is knowledgeable about the entire electronic discovery process • Blank calendar for on-site planning Have some low exposure, low-cost items to use during the negotiation Control your own destiny, if you can, by coming to an agreement Promise only what you are certain you can deliver.

9.12. UPDATING YOUR PLAN

The DRP should not be set in stone with only a chisel for periodic amendments. It is a living document, one that you will want to amend as experience delivers valuable information about how your team and your company execute the plan. Each time the DRP is activated, you will discover gaps in its implementation. The good news is you will also identify places where it is working quite eﬀectively. Make notes of these variances from the norm

E M B E DDI N G T H E P R O G R A M

[ 117 ]

and incorporate the information into the plan. This is the way to eventually reach a (still-ﬂexible) DRP with repeatable steps that produce outstanding and predictable outcomes. If you have assessed your company thoroughly, staﬀed up properly, and educated your team about the implementation of the discovery response plan, you will ﬁnd that your company will derive substantial beneﬁt as you become more adept at using this plan. Your preparation for confronting the inevitable—discovery in litigation or investigation—will be rewarded.

[ 118 ]

Litigation Readiness

C HAPTER 10

Litigation Readiness: Gateway to Information Governance Nirvana

10.01. REDEFINING A CRITICAL BUSINESS PRACTICE

Information governance” is one of the practices that have been completely altered by the proliferation of electronic data. In the days of paper, the term “information governance” referred to the tracking and storing of physical assets that had been designated as business records. Accepted information governance practices ensured the safekeeping and ultimate disposition of paper records, according to predeﬁned retention policies. By placing the “record” in a box, labeling it properly, and ensuring someone owned the retention and disposition process, information governance was complete. The policies on how to identify, preserve, retrieve, and produce those records for litigation was managed on a case-by-case basis. In today’s world of electronically stored information (ESI), that old deﬁnition, if followed, could deﬁne disaster for the company.

10.02. KEEPING UP WITH DATA CREATION

Today, evidence is created at the speed of electrons and replicated at gigabit-per-second speeds. Under such conditions, the practice of information governance becomes inﬁnitely more complex. What constitutes a record, and knowing where and how records are created, duplicated, modiﬁed, or deleted (or not), varies from department to department and organization to organization. Then there’s the matter of understanding how to handle the billions of bits of information not deﬁned as records. Much of this material is now

subject to discovery under the Federal Rules of Civil Procedure, including personal communications, document drafts, and database content.

10.03. BATTLING THE GIGABYTE

With one gigabyte equal to a billion bytes and constituting 75,000-plus pages of printed materials, the amount of ESI that must be managed for electronic discovery (e-discovery) is mind-boggling. It is a monumental challenge for any company to ensure that records management practices reﬂect information governance policies—should such policies exist in the ﬁrst place. Taking a disciplined approach to information governance for e-discovery is crucial. But mastering the task is possible once your organization has made the commitment to become litigation ready.

10.04. DEFINING THE NEW INFORMATION GOVERNANCE [A] Striking the Balance

The term “governance” typically refers to the information technology (IT) or records management departments developing consistent policies, practices, processes, and decision rights for a given area of responsibility. These same concepts can be applied to actions taken to limit the risks, cost, and burden associated with responding to e-discovery. Information governance for e-discovery speciﬁcally addresses how ESI is captured, organized, accessed, replicated, managed, and ultimately disposed of as part of a routine course of business. Eﬀective governance of ESI can be very diﬃcult, particularly when trying to balance IT requirements with legal discovery demands. Services focused on information governance are speciﬁcally aimed at helping companies become better prepared to eﬃciently and defensibly respond to discovery obligations, while improving collaboration between the legal, IT, records management, and other key departments, thus eliminating costly mistakes and errors.

10.05. STEPS TO MASTERING INFORMATION GOVERNANCE

Governance policies and practices for e-discovery should include consistent guidance on: • •

Restricting the amount of data that is being retained. Deﬁning timeframes and processes for disposition.

[ 120 ]

Litigation Readiness

• • •

Controlling, or minimizing, the replication of ESI across multiple repositories. Establishing “metadata” to aid in classiﬁcation and retrieval of ESI. Outlining the accessibility and security of ESI in its native form.

Strategies for improving information governance, which can have enormous impact on readiness and response for e-discovery, can be organized into ﬁve key areas: 1. Acquire less: Identify opportunities to limit the amount of ESI being created, captured, and stored. 2. Organize better: Improve the way ESI is organized to facilitate awareness and utilization. 3. Improve access: Enhance the ability to access ESI where and when it is needed as a routine course of business. 4. Replicate less: Reduce or eliminate unnecessary copies of ESI. 5. Retain less: Limit retention and dispose of ESI when appropriate.

[A] Practicing Information Governance for E-discovery

A disciplined approach to improving information governance for e-discovery involves four steps: 1. High-level data mapping. To help focus eﬀorts, start by identifying the content repositories that store relevant ESI, based on the anticipated litigation portfolio and discovery intensity for the organization. This stage requires input from IT, legal, records management, and other personnel working collaboratively. 2. Assessing current practices. This step involves assessing current information management policies and practices. How well is the company performing in the areas of personal data management, email management, content management, application data management, storage management, and retention management? Are policies and practices in place to achieve the strategic goals for information governance? 3. Analyzing gaps. Third, analyze the gaps between existing and best practices, relative to the company’s discovery intensity and risk proﬁle, and understand how those gaps aﬀect cost, burden, and risk to the company. Such analysis will assure initiatives have immediate and meaningful impact. 4. Process recommendations. Finally, establish a set of key recommendations and next steps for moving forward. These should address some or G AT E WAY T O I N F OR M AT I O N G O V E R N A N C E N I R VA N A

[ 121 ]

all of the ﬁve strategies outlined above—acquire less, organize better, improve access, replicate less, and retain less—and need to incorporate people, process, and technology considerations. By taking a disciplined and structured approach to information governance for e-discovery, companies can reduce the overall cost and burden of discovery, minimize the risk associated with discovery response, and manage ESI as a strategic asset rather than a liability.

10.06. DISCOVERY DYSFUNCTION

Clearly, a failed discovery process is symptomatic of a much larger problem on the information governance side. The two are directly related. Just ask anyone who has taken a beating over poor discovery outcomes. They know through painful experience that the company’s information was badly managed. The challenge becomes to ﬁx the company’s system for information governance so that discovery is enhanced simultaneously. In our experience, a key to discovery success is starting by having the ability to search a well-organized data system. If you know where everything is stored and you know why it was stored where it was stored, and there is a system in place designed to regularly and logically manage information, your search for relevant data should proceed smoothly. All the technology in the world won’t help you if you have organized your data and documents poorly. That’s why it is vitally important to put in the eﬀort up front to reorganize your information governance process with e-discovery in mind.

10.07. 90 PERCENT ORGANIZATION

Oliver Marks, author of the e-discovery blog Collaboration, refers to this all-too-common situation of poor information governance in a post, “eDiscovery Legal Mineﬁeld Migraines.” Marks notes that “Legal often sets a poor example for information governance by overproducing electronic data, refusing to organize it properly, then thrashing about and complaining to IT when response to yet another discovery request goes awry.” He argues for better collaboration between critical discovery response plan (DRP) team members. While noting that there are technological solutions

[ 122 ]

Litigation Readiness

available that are helpful, Marks believes that a better plan is to focus ﬁrst on organizing the material so that it can be found, preserved, and collected, then looking for the tools to enhance the task of organizing e-data. “Thinking outside the software box about retention logic is an important component of collaboration planning strategy; many larger companies assume that the baked in tools within Microsoft SharePoint and large software applications will save their bacon when the lawyers come knocking,” Marks says. “The reality, however, is that this issue is 90% about how you’ve organized your stuﬀ and 10% about where you keep it and how you access it.”

10.08. THE 80 PERCENT SOLUTION

Marks makes a point well worth remembering: E-discovery mastery relies heavily on approaching the task from a pragmatic standpoint. Like any other initiative, you have to play the percentages. The objective should be to achieve what the courts will view as compliance and good faith behaviour without wrecking the company by being either overzealous or completely insensitive to the risks involved. Cutting edge software will help you master best practices, and more is coming on the market every day. But software cannot ﬁx a process ﬂawed by unreasonable expectations or one driven by milestones that are at odds with one another. Yes, mapping and organizing the immense universe of electronic data within your corporate systems can seem overwhelming. Looked at from the wrong end of the equation, one would be inclined to remark, with despair, “No sooner will I have my universe mapped and organized than it will need to be done again!” Happily, such is not the case. Because what you really need to pay attention to is the pertinent data that is responsible for 80 percent of your true exposure to risk.

10.09. THE GENERAL LIABILITY TEST

Think of e-discovery mastery as though it were any other area of corporate liability. If you ran a health care organization, you would face all sorts of risks of varying degrees of exposure. But if you attempted to completely insulate your health care system from risk, you’d be spending most of your resources trying to prevent the high number of low-exposure risks such as slip-and-falls in the parking garage or disputes over relatively minor billing errors.

G AT E WAY T O I N F OR M AT I O N G O V E R N A N C E N I R VA N A

[ 123 ]

In fact, well-run health care organizations focus most of their attention on reducing exposure to major mistakes in the operating room—because that’s where the true ﬁnancial exposure (and tragedy) resides. One death or long-term coma due to an anesthesiologist’s mistake can translate into millions of dollars in liability, whereas most slip-and-falls can be settled out of court for a few hundred dollars. Setting aside for a moment the scale of human tragedy involved, even from a purely economic standpoint, where would you dedicate most of your exposure resources?

10.10. PRIORITIZE AND PROSPER

Applying this paradigm to e-discovery, one would design a process that prioritizes, at a higher level, the mapping and organizing of types of data produced by the company. This prioritization will be driven by what it is that your company does. Let’s say you run a food service business. Lots of employees, lots of individual meals served—lots of exposure right there. Any electronic data created or managed by the human resources department, for instance, would be a priority. Data that ﬂows between your suppliers and your procurement department would be high on the list. (Where did that bad ﬁsh come from???!!!) And so on. Look to databases that could contain evidence to support a claim either by or against you in court. In addition, think about areas of operation that could be subject to a government inquiry. Remember, it isn’t the number of incidents that drives your process, but the incidents that could lead to bet-the-company litigation or investigation.

10.11. ASCENSION OF THE CIO [A] Evolution of the CIO

The position of chief information oﬃcer (CIO) as we know it today has its roots in the 1970s. As computing moved from academia and the military into the corporate domain, someone had to manage the physical equipment required to support the early stages of business computing. Frequently, this was someone with an accounting or computer programming background, who could also repair machinery. The primary responsibility this person had was to manage the physical equipment—servers, mainframes, application software, and so forth. As computers swept through the corporation, the job began to merge with records management. Not true records management yet—companies

[ 124 ]

Litigation Readiness

still had someone else in charge of records keeping and production of paper documents. The CIO’s job was to manage the electronic data produced by the computer system, and to keep the machinery and software working and up to date. The position was considered vital in its own way, but certainly not a pathway to the executive suite. After all, few understood these “technocrats,” and they were essentially cut oﬀ from the inner circle of executives who charted the course for the enterprise.

10.12. THE CIO’S NEXT FRONTIER

All that changed in the 1990s as the role of the CIO (a title that now existed) shifted to managing information, not data. Though subtle at ﬁrst, the change was inevitable, inalterable, and irrevocable. The old records keepers with their stacks and metal shelves and mountains of paper documents typically couldn’t adjust. They only dealt with and understood a tiny sliver of the data being produced every second by the company. Meantime, the technocrats had been paying attention. They saw the future, knew they were part of it, and began to suit up for a higher calling. The CIOs knew from their familiarity with the company’s electronic data that threats lurked within the data universe. They realized that, because of the requirements and implications of data management, they needed to become more than mere button pushers. Simply being on call to respond/ react to “emergencies” or to serve up data upon request wouldn’t get the job done any longer. The smart ones saw that they needed to understand all of the risk management contexts around having this data—the infrastructure for which they alone were truly responsible.

10.13. THE CFOS TAKE THEIR SHOT

With the dotcom era, technology began to drive business strategy instead of business strategy driving technology. This led to the CIO being elevated at last to the business management table. Because the CIO now has control over all the information levers, he or she is constantly asking: “How is this information being created, accessed, managed, stored, and disposed of? What are the patterns? What are the risks? What don’t I know about the data? Even if other people are making the business decision behind it, don’t I have to be a driver of that agenda in order to be an eﬀective manager?” So the new CIO agenda is to get to information risk management and be a key player in risk management for the corporation.

G AT E WAY T O I N F OR M AT I O N G O V E R N A N C E N I R VA N A

[ 125 ]

But the CIOs had to wait their turn for a shot at the top. CIOs were just coming into their power as the chief ﬁnancial oﬃcers (CFOs) were already ﬂexing their muscle. During the late 1980s and early 1990s, CFOs were being elevated to the executive suite and taking a seat at the business management table. A lot of CFOs became chief executive oﬃcers (CEOs) because there was a whole enterprise resource planning management revolution going on. The CFO understood the numbers; after Enron, et al., it was natural for boards of directors to look to CFOs to clean up the balance sheet and ease the concerns of anxious investors. The CFO was seen as objective, rigid, trustworthy, and, above all, cautious. Put an accountant in charge and we can all sleep well at night. By mid-2007, the ﬂaw in that line of thinking was becoming painfully obvious. The CFO/CEO might know the numbers, but as far as being able to manage the risk/opportunity equation, the CFO/ CEO had often lost all sense of proportion.

10.14. CIO/GC: JOINED AT THE HIP

Today, it is clear that a diﬀerent discipline is needed to steady the ship: someone who understands the subtle balancing act of risk and opportunity. And that positions the general counsel (GC) as someone whose time has arrived. The GC’s ascension started well before the ﬁnancial market meltdown. With litigation exploding and government investigations becoming commonplace in the 1980s and 1990s, the GC solidiﬁed a spot on the business management team. Recent events have simply served to further enhance the GC’s innate qualities and skills. The GC has the tools and training to be a CEO in the current environment. The GC often comes out of a law ﬁrm background, one that prizes ethics and ethical boundaries, and the relationship between risk and reward. Balancing risk and opportunities is part of the very fabric of the general counsel—that’s how they operate. This balancing act has become the fundamental crux of the corporation in many cases. So you see company after company promoting the general counsel to a major operating role in the corporation. And increasingly, you’ll ﬁnd the CIO right by the GC’s side.

10.15. ELEVATED CIO SIGNALS GOOD GOVERNANCE

The CIO is essentially the partner and enabler to the general counsel. The CIO is right next to the GC because of the importance of managing the

[ 126 ]

Litigation Readiness

risk/opportunity balance inherent within the data universe. So the CIO’s agenda should be one with the GC’s agenda. And they both should be key agenda items for the CEO. The key takeaway here is that it’s not about the ﬁnancial management of the company. It’s about the governance of the company. It’s about the overall behavior of the company. The CFO seemed the logical pathway to the CEO at one point because the CFO manages the money. But it turns out that the money—and the numbers and data and documents that represent that money within the data universe of the corporation—is just a small fraction of the data that matters to the health of the company. The true responsibility for managing all the data that matters falls to the CIO and managing the risk associated with the data lies with the GC. Hence, the CIO’s and the GC’s ascendency to the business management team and even the ultimate executive swivel chair is not only assured, but it must happen if a company aspires to true corporate governance.

10.16. REWARDS OF MASTERY

The inevitability of the CIO’s or GC’s ascendency within the organization is inextricably linked to the inevitability of litigation that will test a company’s e-discovery mettle. The discovery phase of litigation can either be a pitched battle for all the marbles, or a mere skirmish that sets the tone for the ultimate resolution of the matter at hand. Companies that refuse to recognize this reality do so at their peril. The age of e-discovery is upon us. Those who go into battle armed with a viable, ﬂexible, and well-designed litigation readiness process will gain the high ground. And they won’t have to wait long to savor the results of their hard work and visionary thinking.

G AT E WAY T O I N F OR M AT I O N G O V E R N A N C E N I R VA N A

[ 127 ]

This page intentionally left blank

I NDEX

Acme Corporation, 3.01, 3.07 APGAR Scale, 2.08, 4.02, 4.03, 4.04 Assessment, 2.03, 2.07, 3.01–3.19, 4.01–4.12 as basis for establishing proportionality, 2.06 cost proportionality, 3.03 cultural change, 3.07 decision-making process, employees and, 3.19 of discovery intensity, 3.04 early evidence, 6.03[E] litigation readiness, structured approach to, 4.02 methodology, 4.09 as mineﬁeld, 2.08 process gaps documentation, 3.10, 3.14 process identiﬁcation, 3.12 results, 4.11, 5.01 of risk vs. cost, 5.06[A] self-assessment, 3.02 to uncover gaps, 4.06 Associate general counsels (AGCs), 3.01, 4.12[A], 4.12[D] Audience, litigation readiness, 9.04 Board chair, 9.04, 9.07 Business process big bang vs. iterative approach, 2.04 components of, 1.01[A] consequences of, 1.02 cost, 1.02[A][2] cycle time, 1.02[A][3] decision framework in, 1.04[A] deﬁned, 1.01

distributing ownership, 4.12[E] e-discovery. See Electronic discovery (E-discovery) gaps, proper documentation of, 3.10 improvement, APGAR and, 4.03 internalize cultural aspects, 2.11 linear/nonlinear, 3.17 of litigation, 1.03 management controls, 1.01[A][4] metrics, 1.01[A][5] organized, 6.02 people and, 1.01[A][1] questionnaire and, 4.10 risk, 1.02[A][1] steps, 1.01[A][2], 2.03 technology/tools, 1.01[A][3] Business-to-business litigation, xxv, 3.08 Charters, DRT, 7.06, 7.07 Chief executive oﬃcers (CEOs), 9.04, 9.07, 10.13 Chief ﬁnancial oﬃcers (CFOs), 10.13, 10.15 Chief information oﬃcer (CIO), 10.14 agenda, 10.15 evolution of, 10.11[A] inevitability of, 10.16 role of, 10.12 Collaboration, 10.07 Collection, of evidence e-discovery and, 1.03[B][3] Consultants role of, litigation readiness and, 4.12[F] Content map, ESI, 3.11 DRP and, 6.04[A]

Corporate liability e-discovery mastery, 10.09 Corporate litigation, 3.9 Cost lack of business process and, 1.02[A][1] management of, 1.04[A] risk vs., 5.06[A] Cultural change, 3.07 Cycle time lack of business process and, 1.02[A][1] management of, 1.04[A] Data processing, e-discovery and, 1.03[B][4] Department heads, 9.04, 9.07 Discovery counsel, 7.01. See also Oﬃce of Discovery Counsel beneﬁts of, 7.01[A] discovery response manager, 7.01[E] key team leader, 7.01[C] liaison status, 7.01[B] Discovery response manager role of, 7.01[E] Discovery response plan (DRP), 1.05[A], 4.11[A]. See also Electronic discovery (E-discovery) collection, 6.03[D] detailed workﬂow, 6.04[A] early evidence assessment, 6.03[E] elements of, 6.01 ESI content map and, 6.04[A] explanation of, multimedia approach and, 6.09 format of, 1.05[B] format/presentation of, 6.07[B] gap analysis, 6.07[A] identiﬁcation, 6.03[B] impact of, on HR, 9.05 intranet and, 6.10 Just Good Enough approach and, 1.05[C] key members of, 6.05[B] matter initiation, 6.03[A] meet-and-confer conference and, 9.11 outside counsel guidance to, 6.07[C] people and, 6.05[A]–6.05[B] physical material, 6.10

[ 130 ]

Index

preservation, 6.03[C] processing, 6.03[F] production, 6.03[H] reference materials, 6.04[A] summary workﬂow diagram, 6.04[A] tools and technology, 6.06 updating of, 9.12 views on, 6.08 webcasts and, 6.09 workbook, 6.04[A] Discovery response team (DRT). See also Litigation response team building, steps for, 7.02, 7.06 charter, setting up, 7.06 discovery counsel. See Discovery counsel dynamic, 7.07[C] identiﬁcation of departments/ people, 7.06 structures and constituencies, 7.04 tasks/workﬂow, 7.06, 7.07[B] Document review, e-discovery, 1.03[B] [5], 6.03[G] Documents, production of e-discovery and, 1.03[B][6] Electronically stored information, xx Electronically stored information (ESI), xx, 1.01[A][2], 1.03[B][1], 3.03, 6.03[G] content map, 3.11, 6.03[B] discovery after, xx–xxi e-discovery and, xxvi eﬀective governance of, 10.04 lawyer’s role in, xxiii Electronic discovery (E-discovery), xx, 3.05, 3.08, 4.11[A]. See also Discovery response plan (DRP) basics of, 1.03[B] costs of, 3.03 current state of, 4.12[C] data processing, 1.03[B][4] document review, 1.03[B][5] dysfunction, 10.06 elements of, documentation of, 8.02 ESI and, xxvi Federal Rules of Civil Procedure and, xxii–xxiii guiding principles, 1.05 identiﬁcation process, 1.03[B][1]

impact of Zubulake on, xxi information governance for. See Information governance intensity, assessment of, 3.04 job-producing engine, 7.08[A] Just Good Enough approach and, 4.11[C] mastery, measuring for, 4.01 “meet-and-confer” conference for, 9.10 as opportunity, 5.04 preservation step of, 1.03[B][2] process of evidence collection, 1.03[B][3] production of documents, 1.03[B][6] response team. See Discovery response team (DRT) as threat, 5.04 Electronic Discovery Reference Model (EDRM), 1.03[A] Electronic documents, xx, xxiv Embedding, 2.03, 2.14, 3.15 guiding principles, 9.01 litigation readiness, 9.01–9.12 Evidence, creation of, 10.02 Federal Rule of Evidence (FRE) 502, 6.08 Federal Rules of Civil Procedure (FRCP), 1.03[B][2], 3.08, 6.01, 10.02 amendments to, 3.13, 3.17 e-discovery and, xxii–xxiii Rule 26(f), 9.11 Federal Trade Commission (FTC), 3.05 FRE 502. See Federal Rule of Evidence (FRE) 502 Gelbmann, Thomas, 1.03[A] General counsel (GC), 8.04[A], 9.04, 9.07, 10.14 Human resources department (HR) impact of DRP on, 9.05 Implementation, 2.03, 2.12 of litigation readiness, 8.01–8.10 Information governance deﬁned, 10.01, 10.04 for e-discovery, 10.05[A] steps to mastering, 10.05

strategies for improving, 10.05 Intranet, DRP and, 6.10 Just Good Enough approach, 1.05[C], 2.08, 4.11[B] e-discovery and, 4.11[C] for litigation readiness, 4.11[E] Legal hold notice, 1.03[B][2] acknowledgments of, 6.03[C][2] best practices in, 6.03[C][2] common mistakes, 6.03[C][1] creation of, 8.03[B][1] documentation, 6.03[C][2] mastering, 8.03[B] refreshing, 6.03[C][2] repeatable process, 6.03[C][2] transparent, 8.03[B][3] Line-of-business managers as key member of DRP, 6.05[B] Litigation, 3.05 of business process, 1.03 business-to-business, 3.08 e-discovery. See Electronic discovery (E-discovery) Litigation readiness assessment. See Assessment audience, 9.04 baseline for, setting, 4.04 big bang vs. iterative approach, 2.04 business process for, 2.01–2.18. See also Business process communication points, 9.06 constituencies, 8.01 continuous improvement focus, 2.05 as corporate change agent, 8.09 framework for, 1.01–1.05 implementation, 8.01–8.10 incorporation, into corporate ethos, 5.02 inevitability of, 9.02 information governance. See Information governance Just Good Enough approach for, 4.11[E] launch, 8.06 layers of, 8.05. See also Assessment marketing of, 8.04 mastery, 4.01 measurement, 6.07

Index [ 131 ]

Litigation readiness (Cont’d) outcomes of, communicating, 8.10 outside counsel role in, 2.15 overview, xix–xx people factor in, 2.13 planning. See Planning proactive, adoption of, 5.03 questionnaire, 4.05 reactive vs. responsive lawyering, xx role of consultants and, 4.12[F] selling, 9.03 structured approach to, 4.02 takeaways, 8.01 Litigation response team. See also Discovery response team (DRT) establishment of, 7.01–7.08 takeaways, 8.02 Management controls, as business process component, 1.01[A][4] Marks, Oliver, 10.07 Metrics associated with litigation readiness, 9.06 as business process component, 1.01[A][5] Microsoft Exchange Server, 1.01[A][3] Mutually Assured Destruction, 3.08 Oﬃce of Discovery Counsel, 7.03[A]. See also Discovery counsel deﬁning, 7.01 Outside counsel guidance, to DRP, 6.07[C] as key member of DRP, 6.05[B] role of, in litigation readiness, 2.15 selection of, 2.16 Ownership, distribution of business process, 4.12[E] Pareto principle, 1.05[C] People as business process component, 1.01[A][1] discovery response plan and, 6.05[A]–6.05[B] litigation readiness and, 2.13 Philip Morris, United States v., xxv Planning, 2.03, 2.10, 3.15, 4.11, 5.01–5.14

[ 132 ]

Index

begins with introspection, 5.01 defensible diverse processes, 3.16 discovery response, 4.11[A] documentation, 5.09 executive sponsorship vs. executive involvement, 5.14 initiatives, 5.13[A], 5.13[B] purpose of, 5.10 team, building, 5.13 Policy, 5.12[C] Political environment, of organization, 4.12[D] Process/plan, 5.12[A] Proportionality, 4.11[D] Protocol, 5.12[B] Qualcomm Inc. v. Broadcom Corp., xxivn3 Questionnaire business process gaps and, 4.10 litigation readiness, 4.05 Risk-aversion, of organization, 6.07[B] Risks vs. cost, 5.06[A] identiﬁcation of, 3.06 lack of business process and, 1.02[A] [1] management of, 1.04[A] in preservation, 4.07 proﬁles, framework creation for, 4.08 Rust Belt, 4.12[A] Sarbanes-Oxley compliance program, 6.11 Securities and Exchange Commission (SEC), 3.05 Sedona Conference, 1.05 Self-assessment, 3.02 Socha, George, 1.03[A] Socialization, 5.02 assessment results, 5.01 elements of, 5.05 Software, for DRP, 6.06 Stakeholders selection of, for planning team, 5.13[C] Structured data, 1.03[B][4] Technology big bang vs. iterative approach, 2.04

as business process component, 1.01[A][3] DRP, 6.06 Third-party suppliers as key member of DRP, 6.05[B] Total quality management (TQM), 8.10[A] “Tribal knowledge” method, 3.11 Unstructured data, 1.03[B][4] User-created data, 3.03

Victor Stanley, Inc. v. Creative Pipe, Inc., 5.11 Webcasts, DRP and, 6.09 “What’s in it for me (WIFM),” 3.07 Zubulake, Laura, xxi Zubulake v. UBS Warburg, xxin2 decisions, xxii e-discovery and, xxi

Index [ 133 ]