Discovery Resources

By Laura Webster, Solution Design Architect, Fios, Inc.

Data processing for e-discovery requires expertise in various technologies. Electronically stored information (ESI) populations generally contain large volumes of disparate file types. For an e-discovery project to be successful, this data must be processed and aggregated quickly and reliably.

Your e-discovery partner should be able to help you:

• Fully inventory and uniquely identify each file in the data population for file accountability.
• Collaborate with the response team to address security and encryption methods used in email, container and other file types to ensure all appropriate decryption methods are attempted.
• Extract file content and metadata from the files, such as e-mail routing data, file property data and other “hidden” data that can be relevant during discovery prior to any other data handling to avoid spoliation.
• Recursively extract data from email, compressed files or backup containers to ensure files within containers are extracted and reported on.
• Scan for viruses and remove files prior to processing, and again as items are being recursively extracted.
• Digitally identify each file’s signature to determine its true file type rather than relying on the file’s extension, which is often inaccurate.
• Remove operating system and program (software application) files based on a defensible process, such as the National Institute of Standards and Technology (NIST) list used by forensic experts and law enforcement.
• Identify and remove proprietary system files that are unique to the organization and not included on the NIST list.
• Cull your data based on file type, custodian, date ranges, search terms or any other culling strategies that were agreed to during negotiations with the requesting party.
• Hash all items in order to manage duplicates during review or potentially to remove duplicates prior to review.
• Confirm that the de-duplication strategy is in line with the review strategy and production requirements.
• Assist in implementing the most effective search and indexing technology for culling and reviewer needs.
• Maintain all native files and report on all metadata of documents that were filtered out of the population. This will allow for review and production of these files if the requirements change. 
• Convert the desired electronic documents to common viewable format. Ideally, documents should be displayed in a viewer which exposes content hidden by the user (e.g., hidden Excel columns), maintains native ”look and feel” and eliminates pagination – all while avoiding the need to download the native file. While it is important that the provider be able to make native files available, requiring reviewers to download natives can greatly increase the time and cost of your review.

While this all seems standard, not every provider approaches data processing for e-discovery in the same way. In fact, many try to downplay the importance of the data processing stage. To defensibly process ESI and truly reduce your review costs – the most expensive piece of e-discovery – you need a service provider that has the processing speed, experience and technology infrastructure required to support past, present and future data types as well as anticipated data volumes. When selecting an e-discovery partner, it’s important to answer the following questions:

• What file signaturing and data identification tools does the provider use to accurately identify the more than 4,000 file types encountered in today’s corporations?
• How is the data processing center built? Can it scale to support matters of all sizes, from a few gigabytes up to multi-terabytes? Can it support simultaneous processing and production activities for multiple clients?
• Can technical resources be dynamically allocated, allowing the technician to maximize the efficiency of the equipment in accordance with the processing activity?
• How does the provider approach data inventorying and extraction? Is it a recursive process?
• When you receive your data set from the provider, are the registered system files supported by quarterly NIST updates automatically removed?
• Does the provider support native processing of Microsoft Exchange, Lotus Notes, MBOX and other less common email types, or are the emails converted to a different format, thus jeopardizing the accuracy of the metadata?
• What other sophisticated filtering and culling techniques does the provider offer to eliminate extraneous files?
• What formats does the provider support when converting the documents to a common file type for review? Does the provider maintain access to the native files?
• Can the provider create load files for use in common third-party tools, including Relativity, Ringtail, Concordance, Summation, iCONECTnXT and others?
• What security protocols does the provider have in place to ensure the case data is safe? On-site security guards with sensor-monitored entry points? Keycard and biometric fingerprint authentication? Video camera monitoring and alarm system?

To learn more practical tips about data processing and managing the entire e-discovery process, I invite you to download a complimentary copy of Mary Mack’s popular book, A Process of Illumination: The Practical Guide to Electronic Discovery, here.

Filed under Discerning e-Discovery, Home Page Featured.

 Email This…   Print This…