Automatic Deletion…A Good Idea?
In my last blog, I discussed the concept of Defensible Disposal; getting rid of data which has no value to lower the cost and risk of eDiscovery as well as overall storage costs (IBM has been a leader in Defensive Disposal for several years). Custodians keep data because they might need to reuse some of the content later or they might have to produce it later for CYA reasons. I have been guilty of over the years and because of that I have a huge amount of old data on external disks that I will probably never, ever look at again. For example, I have over 500 GB of saved data, spreadsheets, presentations, PDFs, .wav files, MP3s, Word docs, URLs etc. that I have saved for whatever reason over the years. Have I ever really, reused any of the data…maybe a couple of times, but in reality they just site there. This brings up the subject of the Data Lifecycle. Fred Moore, Founder of Horison Information Strategies wrote about this concept years ago, referring to the Lifecycle of Data and the probability that the saved data will ever be re-used or even looked at again. Fred created a graphic showing this lifecycle of data.
Figure 1: The Lifecycle of data – Horison Information Systems
The above chart shows that as data ages, the probability of reuse goes down…very quickly as the amount of saved data rises. Once data has aged 90 days, its probability of reuse approaches 1% and after 1 year is well under 1%.
You’re probably asking yourself, so what!…storage is cheap, what’s the big deal? I have 500 GB of storage available to me on my new company supplied laptop. I have share drives available to me. And I have 1 TB of storage in my home office. I can buy 1TB of external disk for approximately $100, so why not keep everything forever?
For organizations, it’s a question of storage but more importantly, it’s a question of legal risk and the cost of eDiscovery. Any existing data could be a subject of litigation and therefore reviewable. You may recall in my last blog, I mentioned a recent report from the RAND Institute for Civil Justice which discussed the costs of eDiscovery including the estimate that the cost of reviewing records/files is approximately 73% of every eDiscovery dollar spent. By saving everything because you might someday need to reuse or reference it drive the cost of eDiscovery way up.
The key question to ask is; how do you get employees to delete stuff instead of keeping everything? In most organizations the culture has always been one of “save whatever you want until your hard disk and share drive is full”. This culture is extremely difficult to change…quickly. One way is to force new behavior with technology. I know of a couple of companies which only allow files to be saved to a specific folder on the users desktop. For higher level laptop users, as the user syncs to the organization’s infrastructure, all files saved to the specific folder are copied to a users sharedrive where an information management application applies retention policies to the data on the sharedrive as well as the laptop’s data folder.
In my opinion this extreme process would not work in most organizations due to culture expectations. So again we’re left with the question of how do you get employees to delete stuff?
Organizational cultures about data handling and retention have to be changed over time. This includes specific guidance during new employee orientation, employee training, and slow technology changes. An example could be reducing the amount of storage available to an employee on the share or home drive.
Another example could be some process changes to an employee’s workstation of laptop. Force the default storage target to be the “My Documents” folder. Phase 1 could be you have to save all files to the “My Documents” folder but can then be moved anywhere after that.
Phase 2 could include a 90 day time limit on the “My Documents” folder so that anything older than 90 days is automatically deleted (with litigation hold safeguards in place). This would cause files not deemed to be important enough to moved to be of little value and “disposable”. The 3rd Phase could include the inability to move files out of the “My Documents” folder (but with the ability for users to create subfolders with no time limit) thereby ensuring a single place of discoverable data.
Again, this strategy needs to be a slow progression to minimalize the perceived changes to the user population.
The point is it’s a end user problem, not necessarily an IT problem. End users have to be trained, gently pushed, and eventually forced to get rid of useless data…
Defensible Disposal and Predictive Coding Reduces (?) eDiscovery by 65%
Following Judge Peck’s decision on predictive coding in February of 2012, yet another Judge has gone in the same direction. In Global Aerospace Inc., et al, v. Landow Aviation, L.P. dba Dulles Jet Center, et al (April 23, 2012), Judge Chamblin, a state judge in the 20th Judicial Circuit of Virginia’s Loudoun Circuit Court, wrote:
“Having heard argument with regard to the Motion of Landow Aviation Limited Partnership, Landow Aviation I, Inc., and Landow & Company Builders, Inc., pursuant to Virginia Rules of Supreme Court 4:1 (b) and (c) and 4:15, it is hereby ordered Defendants shall be allowed to proceed with the use of predictive coding for the purposes of the processing and production of electronically stored information.”
This decision was despite plaintiff’s objections the technology is not as effective as purely human review (their objections can be seen here).
This decision comes on top of a new RAND Institute for Civil Justice report which highlights a couple of important points. First, the report estimated that $0.73 of every dollar spent on eDiscovery can be attributed to the “Review” task. RAND also called out a study showing an 80% time savings in Attorney review hours when predictive coding was utilized.
This suggests that the use of predictive coding could, optimistically, reduce an organization’s eDiscovery costs by 58.4%.
The barriers to the adoption of predictive coding technology are (still):
- Outside counsel may be slow to adopt this due to the possibility of loosing a large revenue stream
- Outside and Internal counsel will be hesitant to rely on new technology without a track record of success
- Additional guidance from Judges
These barriers will be overcome relatively quickly.
Let’s take this cost saving projection further. In my last blog I talked about “Defensible Disposal” or in other words, getting rid of old data not needed by the business. It is estimated the cost of review can be reduced by 50% by simply utilizing an effective Information Governance program. Utilizing the Defensible Disposal strategy brings the $0.73 of every eDiscovery review dollar down to $0.365.
Now, if predictive coding can reduce the remaining 50% of the cost of eDiscovery review by 80% as was suggested in the RAND report, between the two strategies, a total eDiscovery savings of approximately 65.7% could be achieved. To review, lets look at the math.
Starting with $0.73 of every eDiscovery dollar is attributed to the review process
Calculating a 50% saving due to Defensible Disposal brings the cost of review down to $0.365. (assuming 50% of documents to be reviewed are disposed of)
Calculating the additional 80% review savings using predictive coding we get:
$0.365 * 0.2 (1-.8) = $0.073 (total cost of review after savings from both strategies)
To finish the calculations we need to add back in the cost not related to review (processing and collection) which is $0.27
Total cost of eDiscovery = $0.073 + $0.27 = $0.343 or a savings of: $1.0 – $0.343 = 0.657 or 65.7%.
As with any estimates…your mileage may vary, but this exercise points out the potential cost savings utilizing just two strategies, Defensible Disposal and Predictive Coding.
eDiscovery Cost Reduction Strategies
In these still questionable economic times, most legal departments are still looking for ways to reduce, or at least stop the growth, of their legal budgets. One of the most obvious targets for cost reduction in any legal department is the cost of responding to eDiscovery including the cost of finding all potentially responsive ESI, culling it down and then having in-house or external attorneys review it for relevance and privilege. Per a CGOC survey, the average GC spends approximately $3 million per discovery to gather and prepare information for opposing counsel in litigation.
Most organizations are looking for ways to reduce these growing costs of eDiscovery. The top four cost reduction strategies legal departments are considering are:
- Bring more evidence analysis and do more ESI processing internally
- Keep more of the review of ESI in house rather that utilize outside law firms
- Look at off-shore review
- Pressure external law firms for lower rates
I don’t believe these strategies address the real problem, the huge and growing amount of ESI.
Several eDiscovery experts have told me that the average eDiscovery matter can include between 2 and 3 GB of potentially responsive ESI per employee. Now, to put that in context, 1 GB of data can contain between 10,000 and 75,000 pages of content. Multiply that by 3 and you are potentially looking at between 30,000 and 225,000 pages of content that should be reviewed for relevancy and privilege per employee. Now consider that litigation and eDiscovery usually includes more than one employee…ranging from two to hundreds.
It seems to me the most straight forward and common sense way to reduce eDiscovery costs is to better manage the information that could be pulled into an eDiscovery matter, proactively.
To illustrate this proactive information management strategy for eDiscovery, we can look at the overused but still appropriate DuPont case study from several years ago.
DuPont re-looked at nine cases. They determined that they had reviewed a total of 75,450,000 pages of content in those nine cases. A total of 11,040,000 turned out to be responsive to the cases. DuPont also looked at the status of these 75 million pages of content to determine their status in their records management process. They found that approximately 50% of those 75 million pages of content were beyond their documented retention period and should have been destroyed and never reviewed for any of the 9 cases. They also calculated they spent $11, 961,000 reviewing this content. In other words, they spent $11.9 million reviewing documents that should not have existed if their records retention schedule and policy had been followed.
An information management program, besides capturing and making ESI available for use, includes the defensible deletion of ESI that has reached the end of its retention period and therefore is valueless to the organization.
Corporate counsel should be the biggest proponents of information governance in their organizations simply due to the fact that it affects their budgets directly.
Information Governance and Predictive Coding
Predictive coding, also known as computer assisted coding and technology assisted review, all refer to the act of using computers and software applications which use machine learning algorithms to enable a computer to learn from records presented it (usually from human attorneys) as to what types of content are potentially relevant to a given legal matter. After a sufficient number of examples are provided by the attorneys, the technology is given access to the entire potential corpus (records/data) to sort through and find records that, based on its “learning”, are potentially relevant to the case.
This automation can dramatically reduce costs due to the fact that computers, instead of attorneys conduct the first pass culling of potentially millions of records.
Predictive coding has several very predictable dependencies that need to be addressed to be accepted as a useful and dependable tool in the eDiscovery process. First, which documents/records are used and who chooses them to “train the system”? This training selection will almost always be conducted by attorneys involved with the case.
The second dependency revolves around the number of documents used for the training. How many training documents are needed to provide the needed sample size to enable a dependable process?
And most importantly, do the parties have access to all potentially relevant documents in the case to draw the training documents from? Remember, potentially relevant documents can be stored anywhere. For predictive coding, or any other eDiscovery process to be legally defensible, all existing case related documents need to be available. This requirement highlights the need for effective information management by all in a given organization.
As the courts adopt, or at least experiments with predictive coding, as Judge Peck did in Monique Da Silva Moore, et al., v. Publicis Groupe & MSL Group, Civ. No. 11-1279 (ALC)(AJP) (S.D.N.Y. February 24, 2012, an effective information management program will become key to he courts adopting this new technology.
EPIC Asks FTC to Investigate Facebook’s “Timeline”
Last year I wrote two blogs titled Spoliation of the Facebook Timeline and Frictionless eDiscovery; social media addicts beware…
which discussed the potential privacy problems with the new Facebook Timeline feature. Yesterday the blog site: The ESI Ninja Blog posted a blog about further developments around privacy and the Timeline feature. The below content is from that blog:
EPIC Asks FTC to Investigate Facebook’s “Timeline”
Posted on January 10, 2012 at 6:44 pm by John M. Horan
When Mark Zuckerberg unveiled Facebook’s new Timeline feature at the company’s Sept. 22, 2011 f8 developer conference, he described it as “The story of your life . . . . All the stuff from your life.” According to a Sept. 22, 2011 Facebook Blog post,
The way your profile works today, 99% of the stories you share vanish. The only way to find the posts that matter is to click “Older Posts” at the bottom of the page. Again. And again.
. . .
With timeline [sic], now you have a home for all the great stories you’ve already shared. They don’t just vanish as you add new stuff.
The Timeline announcement came toward the end of an investigation by the Federal Trade Commission into Facebook’s privacy practices, culminating in the Commission’s Nov. 29, 2011 announcement that Facebook had agreed to settle FTC charges “that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public.” In general outline, the FTC said, the proposed settlement
bars Facebook from making any further deceptive privacy claims, requires that the company get consumers’ approval before it changes the way it shares their data, and requires that it obtain periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years.
Three days before the Dec. 30, 2011 close of the 30-day comment period on the proposed settlement, privacy rights organization Electronic Privacy Information Center (EPIC) urged the FTC to investigate whether Facebook’s new Timeline feature complies with the terms of the proposed settlement. Echoing some of the concerns it raised in a Sept. 29, 2011 letter to the FTC regarding “frictionless sharing,” EPIC’s Dec. 27, 2011 letter to the FTC asked the Commission to: <the rest of the blog entry can be viewed here>
Can you wipe your twitter ramblings, and should you?
In December of 2011, the Library of Congress and Twitter signed an agreement that will eventually make available every public Tweet ever sent as an archive to the Library of Congress.
While writing a blog post last week, I began to wonder how long all my twitter postings would be available and who could look at them. For the fun of it, I went back through approximately 6 months of my old twitter postings, re-tweets and replies (yes you can do it, it’s relatively easy and you can look at anyone’s).
I’ve been pretty good about keeping my twitter posts “business-like” and have steered away from personal stuff like “I just checked in to the Ramada Inn on route 11…can’t wait for the evening to begin!”, or “does anyone know how to setup an off-shore bank account?” or “those jerks over at Company ABC are a bunch of losers”. But many tweeters aren’t so disciplined and have posted stuff that could come back to haunt them later. I could imagine a perspective employer reviewing a candidate’s twitter history or even worse an attorney conducting research for a case using the public twitter archives to create a timeline.
With that in mind, could you delete your twitter postings and should you? Twitter does allow you to delete specific tweets one at a time but as far as I can determine, Twitter does not give you the ability to delete your entire twitter history short of deactivating your account. From the Twitter website:
How To Delete a Tweet
If you’ve posted something that you’d rather take back, you can remove it easily. When you hover over your Tweet while viewing your home or profile page, you’ll see a few options appear below the message.
To delete one of your Twitter updates:
- 1. Log in to Twitter.com
- 2. Visit your Profile page
- 3. Locate the Tweet you want to delete
- 4. Hover your mouse over the message (as shown below), and click the “Delete” option that appears
Voila! Gone forever… almost. Deleted updates sometimes hang out in Twitter search. They will clear with time.
We do not provide a way to bulk delete Tweets. If you’re looking to get a “fresh start” on your Twitter account without losing your username, the best way to do this is to create a temporary account with a temporary username, and then switch the username between your current account and the temporary account. Please see our article on How to Change Your Username for more info.
On December 30, 2011, CNET published a story titled “How to delete all your tweets” which highlighted a product called TwitWipe. TwitWipe is a free tool that allows you to delete ALL your past tweets in one fell swoop. This may be handy because you can clean out your twitter account and start fresh without changing your username and dumping all your hard won followers.
This is an interesting capability but I think the more important question is why would you use this drastic of a step? The four most obvious reasons one would want to delete all their twitter postings and start fresh would be:
1. You went through an unfortunate period in your life that you would rather forget
2. You were regularly conducting criminal activities through your Twitter account
3. You are considering a run for the presidency
4. For whatever reason, you don’t want your twitter postings archived and available at the Library of Congress
The ability to delete ESI can be dangerous if done at the wrong time, especially if civil litigation is anticipated. Deleting a single tweet or every tweet you have ever posted can be construed as destruction of evidence if those tweets could have been relevant in litigation. ESI, no matter its format or where it’s stored, is potentially evidence and should be at least considered when protecting ESI for litigation hold. Attorneys on both sides need to include social media content like twitter postings in their eDiscovery plans and be sure to warn all custodians about deleting/editing social media content once litigation is anticipated.
Discovery of Information on Personal Facebook Profile
From the E-Discovery Law Review Blog:
A Pennsylvania court recently decided that information posted by a party on their personal Facebook page is discoverable. Largent v. Reed, Case No. 2009-1823 (C.P. Franklin Nov. 8, 2011) arose out of a chain-reaction automobile accident in which the plaintiffs, who were riding a motorcycle, were hit by a minivan that was hit by the defendant. Plaintiffs claimed serious and permanent physical and mental injuries, pain, and suffering as a result of the accident.
During the deposition of one of the plaintiffs, defense counsel discovered that the plaintiff/deponent had a Facebook profile that she regularly accessed. The defendant then accessed Plaintiff’s public profile and saw posts that contradicted her claims of serious injury.
Huge French Company Cuts off Nose to Spite Face
Susanna Kim of ABC published an article on November 29th describing how a French company has decided to implement a “Zero Email” policy, a policy banning employees from sending internal emails.
The CEO of Atos, Thierry Breton, (a French information technology company!) has said that only 10 percent of the average 200 emails employees receive per day are useful and 18 percent are spam. Because of this statistic, he hopes the company can eradicate all internal emails in the next 18 months forcing the company’s 74,000 employees to communicate with each other via instant messaging and other Facebook style interfaces.
This reminds me of the story about an HR VP who was so tired of employees calling her with questions and problems she stopped answering her phone. She had 30 whole minutes of peace… until employees figured out where her office was.
Why not stop all internal phone calls? It would seem to me that internal phone calls would have the same “waste” statistic. How about this… program your corporate phone system to not allow any calls from one internal number to another and instruct employees that to contact internal employees, they must use Skype. That should solve the problem, right?
Email has become a wildly successful world-wide business productivity tool. To force thousands of employees to abandon it for other types of communications technology doesn’t seem to address the problem. Won’t only 10 percent of employee’s communications using the new communications solutions be useful as well. Is there something magical about the new technology that won’t allow employees to send wasteful communications?
The other problem that arises with this particular strategy is the problem of litigation holds and eDiscovery. Email systems are well known and technology exists to enable organizations to handle email in a legally defensible manner. It seems to me an organizations risk of insufficient eDiscovery and spoliation will rise with a switch to a new communications technology.
The problem is not the technology… its employee’s use of that technology. If 70-90 percent of emails employees send internally is junk, then train the employees on proper etiquette and use policies around the use of email. Train employees to not “reply all” or “BCC” on every email. Audit employee use of the email system and punish those that misuse it.
Running away from one of the most useful business tools ever seems like a gigantic over-reaction.
Facebook Spoliation Costs Widower and His Attorney $700K in Sanctions
The below article is from Abovethelaw.com by Christopher Danzig
In 2008, truck driver William Donald Sprouse pleaded guilty to charges of involuntary manslaughter for the accidental death of 25-year-old Jessica Lester. According to a bluntly-written news article from the time of the trial, Sprouse’s “truck rounded a corner on two wheels, flipped and rolled over onto Lester’s car, a crushing sixty thousand pounds landing where Jessica sat.”
Jessica’s parents and her widower, Isaiah Lester, won a massive wrongful death suit in 2010 against Sprouse and his employer at the time of the accident, Allied Concrete Company. A Virginia jury awarded them a massive $10.6 million. Clearly, the family’s wounds were still fresh.
But the courtroom odyssey was not over.
On October 21 (nearly a year later), Judge Edward Hogshire signed a “final order” (PDF) cutting the jury verdict in half in Lester v. Allied Concrete Company and William Donald Sprouse, and penalizing Lester and his attorney, Matt Murray, a combined $722,000 in sanctions:
Whereas, the court, having reviewed the evidence and arguments of counsel and carefully considered the extensive pattern of deceptive and obstructionist conduct of Murray and Lester resulting in the sanction award, finds that most of the substantial fees and costs expended by Defendants were necessary and appropriate to address and defend against such conduct…
To read the entire article, click here.
