Lighthouse Blog

The landscape for Hart-Scott-Rodino (HSR) filings has undergone immense flux over the last two years. The economic upheaval of the COVID-19 pandemic and regulatory shifts of a new presidential administration have impacted both the volume of large merger and acquisition (M&A) transactions and the scrutiny they receive from regulatory agencies. This makes it hard for businesses and law firms to know what to expect from upcoming M&As, including the likelihood of receiving a Second Request and how regulators will handle that investigation.Data on recent Second Requests can help by giving parties at least a general sense of what their peers are experiencing. Official numbers for 2021 won’t be published until autumn of this year — but we can look at past trends to try to predict those numbers to a reasonable degree.A close reading of historical data and current context suggests something of a paradox: The number of Second Requests in 2021 was likely fairly high but, at the same time, may have represented a historically small share of the year’s HSR filings. This is due to the extraordinary surge in HSR transactions and other factors, which are summarized below. For a full analysis, see our 2021 Second Request Trends Report.HSR filings plummet and rebound amid pandemic In 2020, the economic lockdown and business hesitancy caused by the COVID-19 pandemic brought HSR filings to their lowest total in 7 years. The Federal Trade Commission (FTC) and Department of Justice (DOJ) reported 1,673 filings for the year, of which 48 resulted in Second Requests. While this is less than the 61 Second Requests issued in 2019, it reflects the same annual percentage. That rate of 3% is slightly higher than the rates in both 2017 and 2018, which landed between 2 and 2.5%.Then, the economy surged in late 2020 and early 2021, bringing HSR filings with it. Preliminary data from federal agencies show HSR filings in 2021 more than doubled from the year before, reaching 3,644.Second Requests in 2021 likely resembled 2020 Most likely, the number of Second Requests in 2021 was close to the total in 2020. However, that means the percentage rate of Second Requests versus total HSR filings likely dropped significantly, by half or more.This is because maintaining the 3% rate from 2019-2020 seems unattainable. At that rate, agencies would have to investigate more than 100 proposed M&As — far beyond anything we’ve seen in the last 20 years.It’s also far too many for the FTC and DOJ to manage, given their recent struggles with capacity. Since December 2020, both agencies have made multiple budget requests and policy changes to help them keep up with the volume of transactions and workload associated with them. For example, FTC officials have publicly called for more time to review filings, saying the traditional review period of 30 days hasn’t, “kept pace with the increased volume and complexity of transactions and their related data and documents.”A more realistic rate for 2021, therefore, is somewhere between 1 and 2%. That would produce around 50 Second Requests — a total consistent with last year, as well as the average annual number over the last 20 years.HSR is more complex for everyone While HSR filings have clearly bounced back from their dip in 2020, the overall Second Request landscape is marked by complexity and uncertainty. Officials continue to make and seek revisions to regulations, making the terms of engagement a moving target. The soaring data volumes and diverse data sources cited by the FTC pose challenges for companies as well, who may find it increasingly difficult and expensive to meet HSR deadlines and other requirements.This was evident in a recent survey conducted by Lighthouse of more than 100 experts from corporations and law firms, who selected the following challenges as top of mind during the Second Request process:Getting the data in and processed quicklyEnsuring the deal goes throughProducing quicklyChoosing the right technologyThese responses underscore the need for parties to accurately read the landscape and leverage outside tools and expertise to improve speed and efficiency.For a deeper dive into the Second Request landscape, including insights from experienced attorneys in the field, a detailed primer on regulatory changes, and what to expect in the current year, check out our 2021 Second Request Trends Report.antitrusthsr-second-requests, blog, acquisitions, mergers, antitrusthsr-second-requests; blog; acquisitions; mergerslighthouse

This year’s Legalweek conference was back to an in-person event in New York City — a significant change from the virtual format in 2021. Folks who hadn’t seen each other in person in over two years (or met for the first time in person) were able to talk and exchange ideas while sharing a hug, a meal, or a drink. Over and over again, the words, “It’s so good to see you, in person!” echoed throughout hallways and conference rooms. But as good as it feels to reconnect, it was also abundantly clear that the pandemic has fundamentally and permanently altered our world. There is no return to the “normal” we knew prior to March of 2020. The pandemic has changed us. Over the last two years, we have reprioritized what’s important in our lives, which has changed not only where we work, but how we work. And technology, as it always does, has evolved to keep up with those changes. As we emerge into this new world, our eyes blinking in the sun, these changes may fill us with anxiety. Change, after all, can be scary. But as Don Draper, the fictional Madmen character, once said when talking to a client about cultural change in 1960s New York City: “Change is neither good nor bad, it simply ‘is.’ It can be greeted with terror or joy — a tantrum that says, ‘I want it the way it was,’ or a dance that says, ‘Look, something new!’" Below, I’ve outlined some key industry changes that were discussed throughout Legalweek, as well as how legal technology companies can help law firms and organizations greet these changes as an opportunity, rather than something to be feared. The virtual workforce revolution is here to stay The massive and abrupt pivot to remote working for organizations and law firms is not a blip that will reverse itself once the pandemic “ends.” Prior to 2020, it was a trend bubbling under the surface. The pandemic simply accelerated that trend more quickly than previously anticipated, and in doing so, permanently changed the landscape of white-collar careers. Most young adults who entered the workforce over the last two years have never known a world where work had to take place solely in an office setting. Meanwhile, more experienced workers—suddenly able to reap the flexibility that remote working provides—also do not seem keen to go back to a more rigid office-based work environment. And the younger generations waiting in the wings to enter the workforce over the next five to ten years have grown up learning and socializing in much more immersive virtual settings than any previous generation. As they become consumers and employees, technology will continue to evolve to accommodate their comfort interacting in those virtual environments. With a worldwide workforce shortage that does not seem like it well ebb anytime soon, this modern workforce will have the upper hand when it comes to demanding a more flexible, remote work environment, as well as access to the technology that facilitates it. Thus, organizations will not only have to adapt to these changes—they may need to lean heavily into them to survive. We can see the harbingers of this sea change even today. More and more companies are entering the metaverse , investing in NFTs, and utilizing virtual reality (VR) technology to perform work that would have typically been done in person or on flat screens (like training new employees). Microsoft, developers of one of the world’s most heavily used cloud collaboration and work platforms (M365 and Teams), also announced plans to introduce VR technology in 2022 that will work in conjunction with their existing technology, facilitating a more immersive virtual remote working experience for workers around the world. All these potential new data sources will significantly increase challenges from a data governance, data privacy, and eDiscovery perspective. But rest assured, the work that legal technology providers are doing now to put better systems in place to handle existing cloud-based tools will help lay the framework for how we handle data from the metaverse and other new sources in the future. For example, some eDiscovery providers and lawyers are already advocating for a move away from the traditional eDiscovery “custodial” ownership framework in order to accommodate how cloud-based data is stored and interacted with in organizations. Forward-thinking eDiscovery service providers are also advocating for a more holistic view of eDiscovery, one that begins at the data source and spans the entire data lifecycle—which will be a necessity as we move into a more virtual-based workplace. Technology providers are also starting to factor eDiscovery, data privacy, and compliance issues into future roadmaps and upgrades—making it easier to manage, search, and export data from new data sources for eDiscovery and compliance purposes. There is no magic bullet—a risk balancing act The shift to a more virtual world significantly increases risk for organizations and the law firms that represent them. Utilizing cloud-based tools and newer technology to facilitate a more virtual workplace will be increasingly important for organizations. However, due to the volume of data, and the speed at which it’s created, organizations will have to accept increased risks related to data privacy, data security, compliance, eDiscovery, etc. In effect, in today’s cloud-based world, there is no magic bullet that will completely eliminate risk caused by the proliferation and speed of data. Organizations are learning to balance risk and innovation when it comes to technology, rather than take an “all or nothing” approach. To do so, stakeholders from across the company must have a seat at the table when deciding how much risk they’re willing to take on in order to keep their employees productive and customers satisfied via technology. Knowledgeable legal technology service providers are already helping organizations adapt to this balancing act. Companies that have dedicated cloud technology experts can help their clients understand the technology they are using and how it works within their own environment. They can also help their clients staying abreast of ever-evolving risks presented by cloud-based technology and provide risk mitigation strategies that fit within the priorities of the organization. An increasing need to lean on managed service providers Today’s cloud-based tools and applications are increasingly complicated and present increased risks that must be managed. Additionally, due to global workforce shortages (i.e., “the great resignation) and unpredictable economic conditions (caused not only by the pandemic but by market uncertainty around Russia’s invasion of Ukraine, increasing gas prices, supply shortages, inflation, etc.), employees are often being asked to do more work with less budget and resources. Together, these two factors have led organizations and law firms to lean more on outsourcing specific segments and technology processes to outside service providers. The benefits of partnering with a trustworthy service provider to manage segments of the organization that require specialized expertise are manifold. The right service provider will have experts on staff who are wholly dedicated to understanding and managing specific technology, processes, and risk. Offloading management to those partners allows organizations to refocus on their own underlying mission. Service providers may also be better positioned to advocate for a company’s needs with pure technology providers because they have an existing partnership with those companies. This can help organizations fill technology gaps without spending weeks or months trying to negotiate with technology providers. Partnering with service providers also allows the organization to offload risks associated with the management of specific technology or processes to a company that is much better equipped to understand and take on that risk. Outsourcing work to a service provider can also significantly lower overhead costs and allow organizations to stay leaner and nimbler — empowering them to focus on tasks that add value to the underlying business while providing relief to overworked employees. In short, a good legal technology service partner can become an extension of an organization’s own team while lowering overhead and risk. Diversity can no longer be just a numbers game Over the last few years, we saw organizations and law firms focusing more on diversity efforts. Often, this focus was merely numerical, intended to increase the headcount of diverse staff. While this effort is well-intended (and long overdue), we are now seeing more demand for a deeper commitment to diversity and inclusion that goes beyond statistics, diversity training, and simple corporate statements. Today’s workforce, spurred on in part by a new generation of employees, are demanding that organizations be truly committed to diversity and equality on a deeper level—with action that is evident across the organization, from leadership profiles, to internal and external teams, to opportunities for advancement, to vendor selection, etc. And due to labor shortages, this new workforce has the power to effect change by refusing to work for companies that can’t demonstrate this type of commitment. Both the legal and technology industries have historically suffered from a lack of diversity. This is evident from the diversity gaps we still see in the industry today. However, this lack of diversity also presents an opportunity for legal technology companies to make a more significant impact. There is no downside to leaning into diversity. In fact, studies have shown that diverse companies are more successful. Legal technology companies have an opportunity to lead the way by putting dedicated systems in place to ensure that their leadership is diverse, that diversity is represented across all teams and company segments, that annual review processes and career advancement within the company are focused on equality, and that employees from underrepresented communities feel supported and seen within the company. Legal technology companies also have a unique opportunity to support groups that are dedicated to increasing legal and technology education and training opportunities for underrepresented communities (which is often at the root of the diversity problem across both industries). In this way, legal technology companies can help lead by example for the organizations and law firms they serve — showing that truly, a more diverse company is a more innovative company. Conclusion The world we are facing in 2022 is much different than the pre-pandemic world we left behind. The changes we are encountering today can present significant challenges to organizations and law firms — but they also present unique opportunities for growth. Legal technology companies can help both segments take advantage of these opportunities and emerge into a brighter future. ediscovery-reviewmanaged-services, cloud-migration, cloud-services, blog, ediscovery-review,managed-services; cloud-migration; cloud-services; blogsarah moran

In case the complexities of corporate data weren’t creating enough turbulence to keep corporate and legal teams up at night, along comes a prolonged pandemic to really shake things up. Because now, a complex data landscape has also become a complex employee landscape.What has been dubbed the “great resignation” (approximately 38 million workers voluntarily quit their jobs in 2021) has left many companies shaken as they struggle to adapt their organizations to a reconfigured and remote workforce. With little time to plan for the risks and contingencies such a seismic shift would normally entail, companies are now playing catch-up, seeking ways to ensure proper data management, better responses to fast-moving litigation and internal investigations, and enhanced security as they grapple with offsite employees, transformative applications, and the impact of an exodus that may have caused company data to escape its bounds.These unique circumstances present a number of challenges for companies and their legal teams alike. In a webinar with Today’s General Counsel, I was pleased to join Scott McVeigh, industry principal from Onna, to discuss the ways in which many companies have been affected. We looked at the recent workplace disruption and considered the impact: What data risks have emerged or intensified? What efficiencies or advantages? What areas of the company data environment deserve renewed focus? What steps can internal teams take to help ensure that data concerns are addressed and legal imperatives met? A Shift to Remote Work Accelerates Transition to the CloudPrior to the pandemic, an estimated 20% of the U.S workforce was working remotely. By December, 2020, that number had increased to 71%. Even with offices now deemed safer as the pandemic wanes, it is anticipated that more than 51% of the U.S. workforce will continue to be remote or hybrid.The impact of this shift has already been profound, reshaping the use, format, and storage of data. As many as 81% of organizations say the pandemic accelerated their cloud timelines as they raced to engage with new tools and applications that flooded the market to accommodate the remote workforce. Online collaboration has now become the new normal, with document sharing apps, chat functionalities, and web conferencing becoming the dominant forces that underpin daily work. Enhanced Collaboration — A Mixed Blessing While this shift may have resulted in some efficiencies as more informal practices took hold, the explosion of collaborative data technologies has also created significant challenges, especially for data and records management, security, and legal teams. As a result, some important enterprise areas are ripe for renewed attention and innovation:Information governance models: The disrupted workforce has made information governance efforts more complicated—and more necessary. Remote collaboration and sharing applications mean more data in more places, making it harder for internal teams to create and maintain a cohesive vision of the data landscape to contain and control growing data volumes.Rapid data growth from both authorized and unauthorized tools and new forms of communication (think gifs, memes, and emojis) makes it easier for data to proliferate, morph, even disappear, which may call for modified or additional policies and procedures. From a data security standpoint, privacy breaches coupled with other security stressors are magnified as siloed data, a perennial problem, pressure-tests existing processes and policies.eDiscovery and preservation imperatives: In the implementation of cloud applications, preserving and collecting data in a defensible manner has not been a top priority. More tools enabling informal, dispersed, and fluid content challenge the paradigm of traditional collection and review. Where is a particular kind of data living and who controls it? Who is the custodian or author of content in shared collaborative spaces? With so many new data types, what is now the definition of a “document” or a conversation?Employee transitioning: As employees moved offsite or departed during the pandemic, company data may have gone with them — if not through malicious exfiltration, then just because HR and IT, with reduced teams as well, could not keep up with the onboarding and offboarding process. One top concern for organizations is that the lost data or IP could have gone to a competitor. Training requirements: With workers at a distance, training on company privacy, security, and preservation policies — which should be intensifying — may be taking a back seat to other business priorities impacted by the pandemic. Too, cultivating a data-sensitive culture is now more difficult with employees often untethered from the norms of company data access and storage and little to no face-to-face interaction with other employees and their own managers. Law Firms and Legal Departments Not Exempt from DisruptionTo complicate matters, as companies were transformed by the pandemic, so too were the law firms and legal departments that support them. Already in a state of flux, the legal market was highly impacted by both employee departures and the migration to remote work, relatively foreign to an entrenched in-office culture. Lack of attention to document management, often a law firm weakness, has just added fuel to the fire.The resignation-induced talent drain has likely affected workflows, adding to inefficiencies and duplicative work as corporate and legal knowledge, both in-house and outside, dissipated with the overall disruption of formerly routine processes and responsibilities. It has certainly impacted eDiscovery processes; legal professionals are still working to master the art of conducting discovery remotely from cloud-based data sources.Bucking the Trends: Take These Steps to Reduce RiskThe disrupted workplace calls for renewed diligence, nimbleness, and a certain amount of creativity on the part of internal teams responsible for data and its management. Most of all, it requires rigorous attention to potential risks exacerbated by a still-evolving landscape.Here are some important steps companies can take to reduce risk: Scrutinize what may now be a very different data landscape. As in pre-pandemic times, knowing where data resides and in what format is a big part of the battle. With new tools and cloud storage locations making everything even more complex, thinking through applications and the data they generate before they roll out can save time, effort, and grief down the line. Analyze: Who uses what applications? Where does the data go and how is it stored? Who has control over it? From an eDiscovery standpoint, with so much data in play, it pays to scale efforts to potential returns; focusing on the most-used data sources is more fruitful than “boiling the ocean.” Cultivate stakeholder partnerships. As the workforce transforms, partnerships among internal stakeholders, especially IT, compliance, data privacy, records management, and information security teams — in close coordination with business units — are more important than ever in controlling how and by whom data is created and used. Corporate silos only enhance risk, especially when workers are remote and unsanctioned applications may be proliferating. Remember, though, that data initiatives are most effective when they come from the top, especially if funding is required. Engage the C-suite as much as possible. Improve information governance capabilities. As data pools from multiple collaborative sources and cloud applications proliferate, making prior linear processes cumbersome and expensive, a shift in focus to the left side of the Electronic Discovery Reference Model (EDRM) makes even more sense now. With the right cloud-based tools and services, as well as good information governance models, teams can perform better upstream and reduce downstream costs.Foster a culture of data awareness and protection. Training, training, training — for both current and incoming employees — is critical. Sound policies mean nothing if employees are unaware of or don’t abide by them or don’t understand the nature of the risk they are meant to address. Educate employees on data “ownership” best practices. Encourage sound data hygiene and enhance onboarding and offboarding procedures to take data risks into account, especially those related to preservation imperatives. Remember that inbound data from new employees that works its way into the company can be just as problematic as data exfiltration. Review and, if necessary, update records management policies. Records management policies should be considered programmatically to align with the nature of the business. Reducing company exposure by updating policy gaps that may be caused by evolving privacy regulations (e.g., GDPR, CCPA/CPRA, etc.) should be a top priority for any company’s records and data management teams. Remember that training goes hand in hand with any policy changes.Engage experts where you need them. Data complexities of today, especially related to privacy and security, may require the expertise beyond that routinely found in-house. Be sure to work with providers and experts well-versed in today’s challenges.Leverage technology where possible, with expertise in mind. Various data automation tools can provide the power to import, manage, and modify records in ways never before possible. AI and categorization tools can be used to assess data in place, potentially mitigating the need for linear collection, processing, and review of data in discovery. Automated tools can enable a more managed examination of departing employee data. But technology not carefully deployed or without the right experts behind the scenes can diminish the potential benefits. Know what questions to ask. Be an informed and thoughtful user: implement wisely. If you are interested in this topic, feel free to reach out to me at dblack@lighthouseglobal.com. chat-and-collaboration-data; forensics; information-governanceemerging-data-sources, cloud-security, red-flag-reporting, departing-onboarding-employee, pii, blog, record-management, risk-management, chat-and-collaboration-data, forensics, information-governance,emerging-data-sources; cloud-security; red-flag-reporting; departing-onboarding-employee; pii; blog; record-management; risk-managementdaniel black

This year’s International Women’s Day theme revolves around “breaking the bias” and imagining a more gender-equal world. This topic seems particularly relevant for the legal and technology fields, which both have long histories of being male-dominated industries. In 1980, just 8% of attorneys were women, with that number growing to 37% percent by 2021. While the number of women in the technology field has actually declined over the last 40 years, from 37% in 1985, to 33% in 2022.But cold statistics, while helpful, don’t tell the full story. Numbers can be helpful to get a 10,000-foot view of how far we’ve come and how far we still need to go—but they can’t tell us how to get to that gender-equal world or what it’s like to live those statistics. For that, we need to listen to women in the legal and technology space.We need to understand the perseverance of the women who broke through the glass ceiling when they were one of a few in the profession. Like when Supreme Court Justice Ruth Bader Ginsburg explained how they had to install a women’s bathroom in the justices’ robing room after her appointment to the Supreme Court in 1993. We need to hear the stories of the women who broke barriers while dealing with the intersectionality of gender and racial bias. Like Loretta Lynch, the first African-American woman and second woman to be confirmed as United States Attorney General in 2015, recounting the story of a client who directed all of his questions to Lynch’s co-worker – a young male associate – who had nothing to do with what Lynch was presenting.And we need to listen to the women leading our industry today and paving the way for the next generation. In that vein, Lighthouse is honored to feature seven women who are innovators, champions of equity, and models of leadership in the legal technology field:Vanessa Quaciari, eDiscovery Counsel, Baker Botts L.L.P.Kim Foster, Discovery Services Manager, Lane PowellKelly Clay, Assistant General Counsel and Global eDiscovery Counsel, GSKJani Grantz, eDiscovery Manager, DaVitaMarilyn Caldwell, eDiscovery Director, SiemensMoira Errick, Litigation Support Manager, StripeMargaret Dolson, Global Head eDiscovery Services and Archiving Technology, Deutsche Bank USAWe had the honor of interviewing these women about their experiences in the legal technology field and asking them their thoughts on breaking down biases within the industry. Their perspectives and advice can serve as a helpful guide for all people who strive for equality.Recognize the achievements and contributions of women Recognizing the achievements of women is a simple but powerful tool in the fight to break down bias. When women’s achievements, contributions, and ideas are recognized within a firm or organization, it helps dismantle harmful stereotypes that women are not as present in the workplace, or that they don’t achieve as much as men.Talking other women up is so important. When you have a seat at the table and an opportunity to promote another talented woman – you should always do so. —Margaret DolsonFrom a cultural perspective, you have to be intentional and lead by example. Elevate female voices by echoing their comments and ideas while ensuring they receive full credit for their contributions. Seek out their counsel in front of others, and do it often, so that it becomes the norm within your culture. —Kim FosterHowever, for a variety of reasons, women may not feel comfortable recognizing their own achievements. They may also be more reticent to accept recognition or downplay their contributions. Many of the women we spoke to mentioned that accepting recognition was just as important as giving it, because recognition of one woman serves to amplify the voices of others.Women are far too often dismissive of their own achievements. We don't want to be seen as someone who brags or calls attention to ourselves. Frequently, we fall into the societal trappings of even going so far as to be dismissive of our own accomplishments – if we even make them publicly known. I strive to normalize being proud of ourselves, to share what we have achieved, and know that even if it may seem small to our own eyes, it's an accomplishment. I encourage a safe and supportive environment where everyone can feel free to share in their own way, through their own voice, or through the help of another. We all deserve recognition for what we do. —Moira ErrickI remind women that your achievements may seem like just doing your job, but they are so much more for each of us, and it is important to accept and recognize the appreciation. —Kelly ClayI’ve joined organizations to get my name, knowledge, and experience out there to show what women are capable of and be encouraging to women and other genders. —Jani GrantzTo help facilitate and encourage this recognition, it’s important for firms, organizations, departments, and teams to have a dedicated method for acknowledging achievements, wins, and contributions for all employees. This can be as simple as an email chain, or as formal as a dedicated system.My company as a whole strives for equality in all areas, be it gender, race, or any other identifying factor, and that allows my team the ability to recognize accomplishments from everyone including women. In my department, we do Friday emails where people get shout-outs for their contributions and wins, all inclusive of genders, as everyone’s achievements are important to the growth of the village. —Jani GrantzWe are proud to have extremely talented women throughout our firm and are constantly making sure we help raise their visibility. —Vanessa QuaciariWe celebrate achievements both formally and informally, including day-to-day support and recognition in broader team meetings, postings, and events. —Marilyn CaldwellWork to increase representation Both the legal and technology fields have been historically male-dominated. While the statistics are improving incrementally, there is still a way to go before there is equity in the legal technology industry.Many times in my career, I have been the only woman in the room, in the meeting, in the planning session. —Marilyn CaldwellGenerally speaking, both the legal and technology fields have up to now been male-dominated. Even in the eDiscovery niche, the technological knowhow is typically something that is provided by men. This likely is the result of the relatively low number of women historically graduating with science, technology, engineering, and mathematics (STEM)-related degrees. —Vanessa QuaciariHistorically, there has been a perception that women are not as technically inclined or analytical as men. This is simply not true, evidenced by the many exceptional women in eDiscovery at all levels. The legal and technology fields both suffer from stereotypes of having fewer women in them than many other fields. While more women have been entering law school and the legal field generally, there are fewer women at the higher levels of ownership (partners) and leadership. Women want equitable opportunities for growth and development, and they want to be considered for leadership roles. —Kim FosterOver the years I’ve seen men get bigger matters, better pay, and faster promotions because “historically men know more about technology” and they support their own first. —Jani GrantzThus, the importance of women representation in the industry cannot be understated. A more diverse team is stronger and more innovative. Representation also breaks down barriers and moves organizations toward gender equality.When there are more of us in the room, more women who have a seat at the table and have the ability to influence decision-making, it puts us in a better position to recognize the potential of other women and help move them forward. —Margaret DolsonMore women in leadership positions bring a more well-rounded, balanced, and holistic perspective to business. —Marilyn CaldwellThere are a variety of ways to increase representation of women, both on a small scale and across the entire industry. On a micro level, team members can ensure that there is diversity across projects, matters, and teams. Co-workers can prioritize diversity of thought when setting important meetings. Outside of work, people can strive to improve representation by getting involved in technology and legal education programs or join industry groups dedicated to diversity, equity, and inclusion in the field. On a macro level, organizations should develop systems to ensure their hiring, pay, and career development practices are driving diversity. Companies and firms can also support organizations that are dedicated to increasing diversity in technology and legal education.We get to increased representation in the industry by listening, by intentional discourse, and, most importantly, by supporting and identifying women with talent to fill these roles.—Marilyn CaldwellBreaking gender biases starts at home. I have two daughters and a son, and I try to instill in them all an interest in science and technology, rather than perpetuate the misguided notion that those fields are only appropriate for boys. —Vanessa QuaciariTake stock of your current compensation program (i.e., how are people paid, do we have consistent methodologies to establish pay ranges for a specific role, provide pay increases, etc.). Develop hiring and recruiting protocols that evaluate individuals based on observable skills, measurable outcomes, etc. In hiring, this may entail ensuring that recruiters use similar questions for each candidate, improve validity and reliability within the candidate selection process, and give weight to candidate attributes that actually count and ensure that scorers are consistent. —Kim FosterI personally have worked to change that gender stereotype by increasing my eDiscovery tech knowledge, learning the front and back end of relevant software, getting my RCA, and staying current with legal tech updates. —Jani GrantzBefore implementing these systems at the organizational level, however, decision-makers may need to be trained to understand their own implicit biases to ensure they are not unintentionally hampering diversity efforts. Educate your decision-makers about bias and implicit bias. Decision-makers could include, but are not limited to, your organization’s recruiting team, hiring managers, supervisors, those in leadership roles who hire individuals, including positions responsible for ongoing professional development. —Kim FosterOne of the things I’ve championed within our organization is unconscious bias training and exposure – because I think the awareness of that is what can really lead to change. Discussing unconscious bias and its effects is not about assigning blame. It’s about talking through the things that may cause us to be inherently biased against others, and even ourselves, within the workplace. And that discussion can lead us to shift those perceptions so that everyone feels comfortable expressing their thoughts and opinions. —Margaret DolsonBoldly be yourself… and then don’t be afraid to use your voice loudlyMany high-achieving women often speak about facing “imposter syndrome” – the feeling of doubting your own ability in a role while feeling like a fraud masquerading as a leader. This experience may be exacerbated for women in a male-dominated industry because other leaders and experts in the industry are predominantly men, and therefore, don’t look or sound like they do.One way to overcome this feeling is to recognize the implicit bias you may have around what an “expert” or “leader” looks or sounds like – and then working to stop trying to fit into that mold. In other words, strive to be your authentic self.Imposter syndrome is a very real issue because we may never fit into the template of what a “leader” has traditionally looked and sounded like within the legal and technology industries. So, we end up trying to fit into a mold of someone who is not remotely like us. But when we are able to be our authentic selves, and we know our subject matter – we can show up as competent, charismatic, and confident even when we don’t fit into a blueprint. However, it can take a lot of courage to do that. —Margaret DolsonOnce you are not afraid to use your own voice, you can then start using it loudly – not only to demonstrate your own expertise and knowledge, but also as a voice for others.Present yourself as you are, focusing on your skills and abilities rather than your appearance. Do not be afraid to put yourself “out there” for technical positions or projects, and never let anyone tell you that you are not capable. —Kim FosterContinue to stand up for gender equality and don’t back down whether you’re a woman who is being treated unfairly or someone who is witnessing acts of inequality toward women and other genders. Don’t be afraid to voice your opinion and bring notice to the bias. Even if it’s unintentional, it’s important that people see the affects bias has so that behaviors can be changed. —Jani GrantzDon’t let inertia get you. Speak up, advocate for yourself the way you would for others. Take up more space than you need and keep moving forward. —Kelly ClayThere are very brilliant women who are leading the charge both on the legal and the technological side as well as the judicial side. Day in and day out they are demonstrating through case law, articles, and innovative technology expansion that the traits we prize in the workforce are equal opportunity characteristics that any human can demonstrate passionately. —Moira ErrickLean in. Gather perspective. Be clear. Be diplomatic AND assertive. Be an example. Take a seat at the table. Be brave. Be candid. Listen to understand. —Marilyn CaldwellFind your tribeIt’s important to find your “tribe” – a group of people who support each other and can provide knowledgeable advice and an ear to listen when needed. When women have a support system and feel accepted as they are, they feel comfortable using their voice to advocate for themselves and for others. In this way, women can empower each other to break through barriers and bias.I strongly urge all women to find their tribe. Find a mentor, be a mentor. Be active in both your professional and personal communities in whatever way you can. We don't have to network through these organized functions to be supported. We can support one another on the sidelines of the soccer field, at 3 a.m. on a group text as we cram in one more rewrite of that summary, or at 8 a.m. as we take a moment to ourselves. Find your tribe who will give you the support and respect we all deserve. —Moira ErrickWithin the workplace, I recommend women align themselves with similarly-minded professionals, not only women in leadership positions, but people whose careers and knowledge are worth emulating and understanding. I think this helps break gender biases while creating goodwill with people with similar career paths. —Vanessa QuaciariRecognize the historic challenges women are facing today – and work to overcome thoseCovid-19 has had a dramatic effect on the workforce. But it has had a disproportionate effect on women. For instance, a 2021 policy brief from the International Labour Organization found that globally, women’s employment dropped by 4.2% between 2019 and 2020, compared with 3% for men. And a January 2021 report from the National Women’s Law Center showed that when the economy lost 140,000 net jobs in December of 2020, all of those losses fell on women (with women losing 156,000 jobs and men gaining 16,000). This disproportionate effect is because women are often the primary caregivers in family structures.Covid has impacted all of us profoundly. For caregivers in a family its impact is amplified. I don’t want to assume that all caregivers are women, but many are the primary caregivers and also have full time jobs. —Kelly ClayAs a mother, I am aware of how the pandemic has impacted not only women lawyers with children, but parents in general, who now have their usual load of professional responsibilities plus the added duties related to having their children at home all of the time. —Vanessa QuaciariI have seen many working women, especially those who also act as caregivers, facing a lot of added stress due to biased thinking. I have seen many women who have had to make life altering choices...family or career. Near and dear friends have had to step away from their roles because they are not afforded the trust by their employers to get their jobs done outside of the “correct” hours of the day. Covid has exacerbated that, but by the same token it has brought this issue to the forefront. It's not a problem that is unique to any one company, it is endemic in our nation. —Moira ErrickIndeed, while these hardships were felt most acutely during pandemic-related lockdowns, the pandemic simply highlighted and exacerbated inequities that already existed for women. Moving forward, this can be addressed by looking more holistically at the root cause and working to remedy from the ground up. In terms of how to curb the disproportionate impact of the pandemic as we move forward – we need to shift our focus to include men in this analysis. Rather than solely asking women what they need, we also need to ask men, “What do you need in order to be equal participants in running a household?” Because running a household is very similar to running a business and when we focus only on women, we are saying that it’s solely on a woman to keep that business running. The disproportionate burden on women can’t just be addressed by trying to accommodate women, we need to also bring men into the equation. —Margaret DolsonCorporations that support work life balance, in whatever terms the employee sets, are still unicorns. We have to recognize, as a nation, that the mindset that work can only be done in one location during set hours is simply not true in today's business world and given the disparate impact such restrictions have on women, it should not be tolerated anymore. We cannot close the door to half of the workforce because they are left with no other options due to inability to access childcare, lack of school, partners who also are beholden to unforgiving work schedules, and the many other hurdles that are out there. We need to recognize that work is work, whether it is done between 9 a.m. and 5 p.m. or 7 p.m. to 2 a.m. or any combination thereof, so long as it meets the overarching needs of the business. —Moira ErrickConclusionThe stories and advice of these women leaders can serve as a guide, helping to lead us to become a more gender-equal industry and world. Lighthouse is proud to amplify their voices.diversity-equity-and-inclusionblog, diversity-equity-and-inclusion,bloglighthouse

In 2021, corporations and law firms alike grappled with yet another year of disruption and unpredictability caused by economic volatility, a lingering global pandemic, increased regulation, and inequality within the workforce. To help our clients prepare for whatever 2022 may have in store, Lighthouse CEO Brian McManus welcomed economic forecaster and former CNBC chief economist and Squawk Box co-host Marci Rossell for a lively discussion centered around these current global macroeconomic trends, with a focus on their effect on the legal industry.Their conversation was wide-ranging and informative, touching on impacts, causes, and forecasts related to inflation, global workforce shortages, inequality in the workplace, technology adoption, and increased regulatory and data privacy restrictions. The key takeaways from this discussion are outlined below.Economic InflationAs of January 2022, the inflation rate was hovering around 7% in the United States (US), and around 5% in the European Union (EU). These are the highest inflation rates both countries have seen in decades. Rossell explained that one of the major contributing factors for this increase is the speed at which the overall economy recovered from the abrupt halt in economic activity in the spring of 2020 due to the COVID-19 pandemic. The sharp economic recovery drove a surge in demand for services and goods, at a time when supply around the world was at an all-time low due to pandemic-related shutdowns. This tension led to the current sustained inflation rates we’re seeing today, and those rates can be expected to remain high for the foreseeable future in markets where production is not expected to meet demand any time soon (such as the energy and oil industries).Within the legal industry, specifically, law firms and organizations have not only been impacted by the typical “cost of goods” inflation described above – they have also been impacted by inflation related to labor shortages and rising wages, as well as costs related to regulation and compliance. “The Great Resignation” and Its Impact on the Legal IndustryOver the last two years, droves of workers have switched employers, changed careers, or left the workforce all together, in what pundits and economists have deemed, “The Great Resignation.” Rossell explained that this global phenomenon may have roots in the financial crises of 2008 – 2009, when the economy contracted dramatically, leaving millennials struggling to enter a workforce plagued by an unemployment rate that had soared into the double digits. In the wake of this recession and for years afterward, the balance of power between employers and employees was weighted heavily in favor of employers, with overqualified workers applying to the same jobs, giving employers their pick of quality candidates. Now, this same generation of millennials have been confronted with a pandemic that has caused millions of people to suddenly sever their connections to jobs, employers, and/or geography. Many of these workers may not have felt very connected to where they worked or lived in the first place, but stayed because of their previous experience in a job market that was heavily influenced by the last recession. The pandemic suddenly forced this generation of workers into a situation that ultimately enabled them to make different career choices. And we are certainly seeing them making those choices. As Rossell noted, in addition to this trend among the millennial generation, the pandemic also escalated early retirements for an older generation, while an overall decrease in population growth has led to 400,000 fewer young people entering the labor force every year. These three factors are a perfect labor-shortage storm, with fewer experienced workers, fewer young people entering the labor market, and a generation of mid-career millennials reevaluating their careers and/or employers.McManus pointed out that labor shortage has also had a significant effect on the legal industry generally, and the eDiscovery industry specifically. eDiscovery is a niche industry, which makes it harder to find and retain experienced talent in general. But over the last twelve months, the tighter labor market has significantly exacerbated those issues. There is now a shortage of talent within eDiscovery and the cost of retaining valuable talent has sharply increased over the last nine months, with experienced employees being offered 20% to 40% more in compensation.This trend also affects the broader legal industry. Attrition of associates at law firms was at an unprecedented level in 2021 and the cost of retaining associates skyrocketed. For example, law firm associate compensation grew 11% in November of 2021, year over year, according to a state of the legal market report from the Thomson Reuters Institute. This trend can be expected to continue over the next few years due to the economic factors at play.To combat the worker shortage, McManus warned that employers should expect to not only offer higher compensation, but also include benefits like flexible work arrangements, in order to recruit and retain talented employees. Even prior to the pandemic, Rossell noted, studies showed that flexible work arrangement benefits were worth about 8% of a salary to younger employees. This trend is expected to sustain well into the future, as housing market trends indicate that 30-somethings are moving to larger homes away from large corporate offices and cities.Diversity, Equity, and Inclusion in the WorkforceThere has been a significant emphasis placed on diversity, equity, and inclusion (DE&I) over the past few years across many markets, including the legal industry. Rossell provided a historical perspective, explaining that thirty years ago the consensus from economists was that the labor market was rational and profit-maximizing and thus, discrimination in the labor force could not exist. The theory was that for-profit companies would always be incentivized to hire the best individual for the job, regardless of gender, race, ethnicity, sexual orientation, etc. But in 2004, a groundbreaking economic study on race in the labor market found that people with white-sounding names were 50% more likely to get a call back from an HR professional. This study was the beginning of a sea-change in economics, where organizations slowly realized the economic need for, and importance of, DE&I. In effect, organizations began to slowly understand that there was an economic cost to not hiring the best candidates, and that focusing on DE&I increases profitability, productivity, and growth.This sea-change is represented across the globe. European countries were initially on the forefront of this movement, as evidenced by the 2003 emphasis in Norway to have gender equity represented on corporate boards within the country. The US is now moving even further in that direction. Last year, Nasdaq proposed new board diversity rules and disclosure guidance, including that listed companies should have at least one board member who identifies as a woman, as well as one board member who self-identifies as an underrepresented minority or LGBTQ+.As McManus pointed out, this trend is also represented across the legal industry. There is a continued expectation for more diversity, equity, and inclusion within organizations, law firms, and legal technology supply vendors. Clients want to see diversity, equity, and inclusion represented in the teams they work with on a daily basis. Additionally, the next generation of talented employees is also demanding an equitable environment in which to work. Thus, legal and eDiscovery employers should expect that going forward, they will need to track, measure, and demonstrate an inclusive, equitable, and diverse environment in order to attract and retain the best workers.As Rossell pointed out: “(DE&I) matters to the next generation. As talent becomes scarcer and the balance of power shifts away from employers to employees, [the next generation of workers] is going to demand not only a flexible workforce but a diverse and inclusive environment to work in.”As DE&I programs advance, eDiscovery and legal teams will see how diverse hiring contributes to greater innovation and success.AI and Its Role in the Legal IndustryRossell also provided a historical view of technology innovation and its effect on worldwide economies. She noted that artificial Intelligence (AI) technology is the next step in a 200-year-old process that began with the industrial revolution – when advances in machine automation allowed simple machines to perform manufacturing related processes, enabling humans to migrate towards more service-related work. This has now evolved into machines that can now perform some of the work in the service sector, thanks to advancements in AI technology.McManus noted that within the legal industry, lawyers (who are trained to be risk-averse) have traditionally been much slower to adopt this emerging technology. However, the legal industry is also quickly becoming submerged in “big data,” and AI is one of the most effective tools to combat the labor shortages and increased costs that exacerbate the problems caused by massive data volumes. Nowhere is this more evident than in the document review process performed during eDiscovery.“The industry still follows a traditional approach [to document review] with large groups of lawyers reviewing massive volumes of text and that approach is just untenable,” McManus said.The impracticality of that traditional approach is not only due to the increased volume and complexity of data, but also due to labor shortages and increased labor costs. Advancements in AI give newer legal technology tools the capability to help automate and expedite the document review process. This should lead to AI adoption at a much faster pace than we’ve traditionally seen in the legal industry, McManus noted.The Global Regulatory Landscape, Anti-Trust Activity, and What to Look for in the Coming YearsRossell also provided an insightful overview of the dynamic and shifting regulatory landscape from an economist’s perspective. Increased governmental regulation is raising costs in almost every industry and is one of the driving forces behind higher inflation rates. In the United States, the increase in government regulation may be due to the fact that the government’s governing functions have been slowly shifting from the legislative branch to the executive branch. In turn, this shift means that every four years, companies may deal with a complete shift in the regulatory landscape depending on which political party wins the presidential office. These abrupt swings make compliance very costly and put pressure on smaller organizations. Often the only companies that can survive this type of volatility are those big enough to support a department solely dedicated to compliance. Thus, in some ways, increased government regulation is driving the consolidation of companies.At the same time, we are seeing a shift in antitrust policy from an economics perspective. Whereas previously, anti-competition policy was centered around whether consolidation would harm consumers, we’re now seeing a shift to assessing a broader range of harm. Prior to this shift, a merger would be blocked if it would cause higher prices for consumers (i.e., if the merger would cause consumers harm by giving them less choices and therefore raise consumer prices). Now, mergers are blocked for a much broader range of issues that are not just centered solely around consumers, but around society as a whole. For example, a merger might now be blocked if it would be harmful to the environment, to workers, would cause a decline in future competition, etc. This more aggressive governmental regulation worldwide is expected to continue in the coming years. In short, expect anti-competition scrutiny to continue to be broad and aggressive, regardless of changes in political parties and offices.The Future of the Global Data Privacy LandscapeFinally, McManus provided a helpful overview of recent changes to the data privacy landscape, and what to expect in the 2022. Another area where government regulation is expected to continue to increase globally is around data privacy rights and protections for consumers. The EU’s GDPR legislation in 2018 paved the way for data privacy rights, providing a template for governments on how to regulate and protect consumer data privacy. Within a few years, California followed suit, as did a plethora of other governments around the world. This trend is only expected to continue as we move into an increasingly digital world.In the US in 2021 alone, two more states passed comprehensive GDPR-like laws (Virigina and Colorado), while at least 25 other states introduced or had data privacy laws somewhere within the state legislative consideration process. And the US federal government also looks to be increasingly active in this area – with the U.S. House Energy and Commerce Committee voting to give the Federal Trade Commission $1 billion to set up a data privacy bureau. Even China passed a GDPR-like law in 2021, the Personal Information Protection Law, which included not only the risk of huge fines for non-compliance, but also the risk of companies being black-listed by the Chinese government.This focus on data privacy regulation will certainly increase costs for businesses in the coming years, as companies work to stay compliant with a patchwork of global and local data privacy laws and regulations.ediscovery-reviewccpa, gdpr, review, ai-big-data, blog, ediscovery-review,ccpa; gdpr; review; ai-big-data; bloglighthouse

Artificial intelligence (AI) has proliferated across industries, in popular culture, and in the legal space. But what does AI really mean? One way to look at it is in reference to technology that lets lawyers and organizations efficiently manage massive quantities of data that no one’s been able to analyze and understand before.While AI tools are no longer brand new, they’re still evolving, and so is the industry’s comfort and trust in them. To look deeper into the technology available and how lawyers can use it Lighthouse hosted a panel featuring experts Mark Noel, Director of Advanced Client Data Solutions at Hogan Lovells, Sam Sessler, Assistant Director of Global eDiscovery Services at Norton Rose Fulbright, Bradley Johnston, Senior Counsel eDiscovery at Cardinal Health, and Paige Hunt, Lighthouse’s VP of Global Discovery Solutions.Some of the key themes and ideas that emerged from the discussion include:Defining AIMeeting client expectationsUnderstanding attorneys’ duty of competenceIdentifying critical factors in choosing an AI toolAssessing AI’s impact on process and strategyThe future of AI in the legal industryDefining AIThe term “AI” can be misleading. It’s important to recognize that, right now, it’s an umbrella term encompassing many different techniques. The most common form of AI in the legal space is machine learning, and the earliest tools were document review technologies in the eDiscovery space. Other forms of AI include deep learning, continuous active learning (CAL), neural networks, and natural language processing (NLP).While eDiscovery was a proving ground for these solutions, the legal industry now sees more prebuilt and portable algorithms used in a wide range of use cases, including data privacy, cyber security, and internal investigations.Clients’ Expectations and Lawyers’ DutiesThe broad adoption of AI technologies has been slow, which comes as no surprise to the legal industry. Lawyers tend to be wary of change, particularly when it comes at the hands of techniques that can be difficult to understand. But our panel of experts agreed that barriers to entry were less of an issue at this point, and now many lawyers and clients expect to use AI.Lawyers and clients have widely adopted AI techniques in eDiscovery and other privacy and security matters. However, the emphasis from clients is less about the technology and more about efficiency. They want their law firms and vendors to provide as much value as possible for their budgets.Another client expectation is reducing risk to the greatest extent possible. For example, many AI technologies offer the consistency and accuracy needed to reduce the risk of inadvertent disclosures.Mingled with client expectations is a lawyer’s duty to be familiar with technology from a competency standpoint. We aren’t to the point in the legal industry where lawyers violate their duty of competence if they don’t use AI tools. However, the technology may mature to the point where it becomes an ethical issue for lawyers not to use AI.Choosing the Right AI ToolDecide Based on the Search TaskThere’s always the question of which AI technology to deploy and when. While less experienced lawyers might assume the right tool depends on the practice area, the panelists all focused on the search task. Many of the same search tasks occur across practice areas and enterprises.Lawyers should choose an AI technology that will give them the information they need. For example, Technology-assisted review (TAR) is well-suited to classifying documents, whereas clustering is helpful for exploration.Focus More on FeaturesTeams should consider the various options’ features and insights when purchasing AI for eDiscovery. They also must consider the training protocol, process, and workflow. At the end of the day, the results must be repeatable and defensible. Several solutions may be suitable as long as the team can apply a scientific approach to the process and perform early data assessment. Additional factors include connectivity with the organization’s other technology and cost.The process and results matter most. Lawyers are better off looking at the system as a whole and its features in deciding which AI tech to deploy instead of focusing on the algorithm itself.Although not strictly necessary, it can be helpful to choose a solution the team can apply to multiple problems and tasks. Some tools are more flexible than others, so reuse is something to consider.Some Use Cases Allow for ExperimentationThere’s also the choice between a well-established solution versus a lesser-known technology. Again, defensibility may push a team toward a well-known and respected tool. However, teams can take calculated risks with newer technologies when dealing with exploratory and internal tasks.A Custom Solution Isn’t NecessaryThe participants noted the rise in premade, portable AI solutions more than once. Rarely will it benefit a team to create a custom AI solution from scratch. There’s no need to reinvent the wheel. Instead, lawyers should always try an off-the-shelve system first, even if it requires fine-tuning or adjustments.AI’s Impact on ProcessThe process and workflow are critical no matter which solution a team chooses. Whether for eDiscovery, an internal investigation, or a cyber security incident, lawyers need accurate and defensible results.Some AI tools allow teams to track and document the process better than others. However, whatever the tool’s features, the lawyers must prioritize documentation. It’s up to them to thoughtfully train the chosen system, create a defensible workflow, and log their progress.As the adage goes: garbage in, garbage out. The effort and information the team inputs into the AI tool will influence the validity of the results. The tool itself may slightly influence the team’s approach. However, any approach should flow from a scientific process and evidence-based decisions.AI’s Influence on StrategyThere’s a lot of potential for AI to help organizations more strategically manage their documents, data, and approach to cases. Consider privileged communications and redactions. AI tools enable organizations to review and classify documents as their employees create them—long before litigation or another matter. Classification coding can travel with the document, from one legal matter to another and even across vendors, saving organizations time and money.Consistency is relevant, too. Organizations can use AI tools to improve the accuracy and uniformity of identifying, classifying, and redacting information. A well-trained AI tool can offer better results than people who may be inconsistently trained, biased, or distracted.Another factor is reusing AI technology for multiple search tasks. Depending on the tool, an organization can use it repeatedly. Or it can use the results from one project to the next. That may look like knowing which documents are privileged ahead of time or an ongoing redaction log. It can also look like using a set of documents to better train the algorithm for the next task.The Future of AIThe panelists wrapped the webinar by discussing what they expect for the future of AI in the legal space. They agreed that being able to reuse work products and the concept of data lakes will become even greater focuses. Reuse can significantly impact tasks that have traditionally had a huge cost burden, such as privilege reviews and logs, sensitive data identification, and data breach and cyber incidents.Another likelihood is AI technology expanding to more use cases. While lawyers tend to use these tools for similar search tasks, the technology itself has potential for many other legal matters, both adversarial and transactional. To hear more of what the experts had to say, watch the webinar, “Deploying Modern Analytics for Today’s Critical Data Challenges.” ai-and-analytics; ediscovery-review; lighting-the-path-to-better-ediscoveryai-big-data, blog, data-reuse, project-management, ai-and-analytics, ediscovery-reviewai-big-data; blog; data-reuse; project-managementai-analyticslighthouse

eDiscovery is currently undergoing a fundamental sea change, including how we think about data governance and the EDRM. Linear review and older analytic tools are quickly becoming outdated and unable to handle modern datasets, i.e., eDiscovery datasets that are not only more voluminous than ever before, but also more complicated – emanating from an ever-evolving list of new data sources and steeped in variety of text and non-text-based languages (foreign language, slang, emojis, video, etc.).Fortunately, technological advancements in AI have led to a new class of eDiscovery tools that are purpose built to handle “big data.” These tools can more accurately identify and classify responsiveness, privileged, and sensitive information, parse multiple formats, and even provide attorneys with data insights gleaned from an organization’s entire legal portfolio.This is great news for legal practitioners who are faced with reviewing and analyzing these more challenging datasets. However, evaluating and selecting the right AI technology can still present its own unique hurdles and complexities. The intense purchasing process can raise questions like: Is all AI the same? If not, what is the difference between AI-based tools? What features are right for my organization or firm? And once I’ve found a tool I like, how do I make the case for purchasing it to my firm or organization?These are all tough questions and can lead you down a rabbit hole of research and never-ending discussions with technology and eDiscovery vendors. However, the right preparation can make a world of difference. Leveraging the below steps will help you simplify the process, obtain answers to your fundamental questions, and ultimately select the right technology that will help you overcome your eDiscovery challenges and up level your eDiscovery program.1. Familiarize Yourself with Subsets of AI in eDiscoveryNewer AI technology is significantly better at tackling today’s modern eDiscovery datasets than legacy technology. It can also provide legal teams with previously unheard-of data insights, improving efficiency and accuracy while enabling more data-driven strategic decisions. However, not all technology is the same – even if technology providers tend to generally refer to it all as “AI.” There are many different subsets of AI technology, and each may have vastly different capabilities and benefits. It’s important to understand what subsets of AI can provide the benefits you’re looking for, and how those different technology subsets can work together. For example, Natural Language Processing (NLP) enables an AI-based tool to understand text the same way that humans understand it – thus providing much more accurate classifications results – while AI tools that leverage deep learning technology together with NLP are better able to handle large and complex datasets more efficiently and accurately. Other subsets of AI give tools the ability to re-use data across matters as well as across entire legal portfolios. Learning more about each subset and the capability and benefits they can provide before talking to eDiscovery vendors will give you the knowledge base necessary to narrow down the tools that will meet your specific needs. 2. Learn How to Measure AI ROIAs a partner to human reviewers, advanced AI tools can provide a powerful return on investment (ROI). Understanding how to measure this ROI will enable you to ask the right questions during the purchasing process to ensure that you select a tool that aligns with your organization or law firm’s priorities. For example, if your team struggles with review accuracy when utilizing your current tools and workflows, you’ll want to ensure that the tool you purchase is quantifiably more accurate at classifying documents for responsiveness, privilege, sensitive information, etc. The same will be true for other ROI metrics that are important to your team, such as lower overall eDiscovery spend or increased review efficiency.These metrics will also help you build a strong business case to purchase your chosen tool once you’ve selected it, as well as a verifiable way to confirm the tool is performing the way you want it to after purchase.3. Come Prepared with a List of QuestionsIt’s easy to get swept up in conversations about tools and solutions that end without the metrics you need. A simple way to control the conversation and ensure you walk away with the information you need is to prepare a thorough list of questions that reflect your priorities. Also be sure to have a method to record each vendor’s response to your questions. A list of standard questions will keep conversations more productive and provide a way to easily contrast and compare the technology you’re evaluating. Ensure that you also ask for quantifiable metrics and examples to back up responses, as well as references from clients. This will help you verify that vendor responses are backed by data and evidence.4. Know the Pitfalls of AI Adoption—and How to Avoid ThemIt won’t matter how much you understand AI capabilities, whether you’ve asked the right questions, or whether you understand how to measure ROI, if you don’t know how to avoid common AI pitfalls. Even the best technology will fail to return the desired results if it’s not implemented properly or effectively. For example, there are some workflows that work best with advanced AI, while other workflows may fail to return the best results possible. Knowing this type of information ahead of time will help you get your team on board early, ensure a smooth implementation, and enable you to unlock the full potential of the technology.These tips will help you better prepare for the AI purchasing process. For more information, be sure to download our guide to buying AI. This comprehensive guide offers a deep dive into tips and tactics that will help you fully evaluate potential eDiscovery AI tools to ensure you select the best tool for your needs. The guide can also be used to reevaluate your current AI and analytic eDiscovery tools to confirm you’re using the best available technology to meet today’s eDiscovery challenges.lighting-the-way-for-review; ai-and-analytics; ediscovery-review; lighting-the-path-to-better-review; lighting-the-path-to-better-ediscoveryreview, ai-big-data, blog, ai-and-analytics, ediscovery-reviewreview; ai-big-data; blogai-analyticssarah moran

While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance issued throughout the year that made significant ripples. Below is a summary of some of the most important data privacy changes that will impact companies operating in the United States, Europe, and China in 2022 and beyond.US Regulation ChangesVirginia Consumer Data Protection Act (VCDPA)What it Does: Similar to the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) (jointly, the first GDPR-like data protection regulations passed within the US), the new Virginia regulation is a comprehensive data protection law that bestows certain rights and protections to Virginia residents regarding the use of their personal data, including:The right to opt out of having their data sold or used for targeted advertising, as well as the right to opt out of having their data used for “profiling” (i.e., using a person’s personal data to evaluate, analyze, or predict aspects of their economic situation, health, personal preferences, interests, reliability, behavior, location, or movements).The right to request that companies provide information about the personal data they have collected from them, and have it corrected or deleted.The right to request a free copy of their personal data in a portable, readily usable format.The law also requires companies to gain permission from citizens before collecting certain classes of highly sensitive personal data, including racial or ethnic origin, genetic data, and geolocation. The new law does not provide for a private right of action (i.e., it does not allow individuals to bring lawsuits against companies for data privacy rights violations). Instead, the law will be enforced by the state’s Attorney General.Who it applies to: All Virginia residents have rights under the VCDPA. Any company or organization that conducts business in Virginia and meets either of the following two criteria must comply with its requirements:Controls or processes personal data of at least 100,000 consumers; orDerives over 50 percent of gross revenue from the sale of personal data and control or process personal data of at least 25,000 consumers.Note that there are broad exemptions for financial institutions, as well as organizations or businesses that are governed by HIPAA or HITECH. Other exemptions include non-profit organizations and higher education institutions.When it takes effect: Jan. 1, 2023When it was passed: March 2, 2021Other notes: Tech industry trade groups and businesses heavily supported the VCDPA. Colorado Privacy Act (CPA)What it Does: Following in the footsteps of California and Virginia, Colorado was the third state to pass a comprehensive GDPR-like data privacy law. The new law conveys data privacy rights to Colorado residents that are nearly identical to the VCDPA, including:The right to opt out of the use of their personal data for sale or targeted advertising, as well as for the use in profiling decisions that would have legal or significant effects to the consumer (such as the use of personal data that may affect decisions regarding consumer lending, financial, housing, and insurance decisions).The right to request that companies provide information about the personal data they have collected from them, and request that it either be corrected or deleted.The right to obtain their personal data from a company in a free “portable” and readily usable format.Similar to Virginia and California, the law also classifies “sensitive data” as a separate category of personal data that requires additional protection, including: personal data that reveals racial or ethnic origin, religious beliefs, a mental or physical health condition or diagnosis, sex life or sexual orientation, or citizenship or citizenship status; genetic or biometric data that may be processed for the purpose of uniquely identifying an individual; or personal data from a known child under the age of 13. Note that Colorado’s definition of sensitive data does not include precise geolocation data, whereas Virginia and California’s data protection laws do.Who it applies to: All Colorado residents have rights under the CPA. Any company or organization that conducts business or produces commercial products or services that are intentionally targeted to Colorado residents and meet either of the following two criteria must comply with its requirements: Controls or processes personal data of at least 100,000 consumers in a calendar year; orDerives revenue from the sale of personal data and control or process the personal data of at least 25,000 consumers.The law specifically does not apply to state and local governments, state institutions of higher education, personal data governed by certain state and federal laws, and employment records.When it takes effect: July 1, 2023When it was passed: July 7, 2021Other notes: Similar to the VCDPA and to the CCPA, the CPA does not create a private right of action. Enforcement is exclusively with the state’s Attorney General and District Attorneys. Additionally, the act specifically states that a violation of its requirements is a deceptive trade practice for purposes of enforcement. Utah Cybersecurity Affirmative Defense ActWhat it does: Utah’s Cybersecurity Affirmative Defense Act provides new affirmative defenses that businesses in Utah can use to defend themselves against lawsuits arising out of a data security breach. The law states that an organization can affirmatively defend itself against a data security breach lawsuit that alleges that the organization failed to implement reasonable information security controls, so long as that organization maintained and complied with a written cybersecurity program that meets certain requirements spelled out within the law.The new law also allows an organization to defend itself against claims that it failed to appropriately respond to a cybersecurity breach, so long as its cybersecurity program had reasonable protocols in place for responding to breaches.Additionally, an organization can defend itself against claims that it failed to appropriately notify individuals effected by a data breach if the organization’s cybersecurity program had reasonable protocols in place for notifying individuals about breaches and those protocols were followed after the breach.In this way, the law provides an incentive for Utah businesses to implement updated cybersecurity programs to protect Utah residents’ personal data more effectively, by providing defenses to data breach lawsuits if such programs are implemented and followed.Who it applies to: Any person (which the law defines as an individual and most business organizations) that creates, maintains, and reasonably complies with a written cybersecurity program that meets the requirements spelled out within the act, and is in place during the relevant cybersecurity breach.When it takes effect: May 5, 2021When it was passed: March 11, 2021Other notes: The affirmative defenses are not available where the organization had advanced notice of a cybersecurity threat or risk. The law also states that it does not provide for a private right of action for failing to comply (thus private citizens may not sue organizations who don’t implement cybersecurity programs that meet the requirements spelled out within the law). California Consumer Privacy Act AmendmentsWhat it does: The amendments update the California Consumer Privacy Act (passed in 2018) to include three general changes relating to a consumer’s right to opt out of the selling of their personal information, and one change to authorized agent requests for information related to a consumer’s personal information.The three changes relating to a consumer’s right to opt out of the selling of their information include the following:Any business that sells personal information that it collected offline must now inform consumers in an offline method of their right to opt out, including instructions on how to do so.Authorizes the use of a specific “opt-out” icon that can be used in addition to posting the notice of the right to opt out (but not in lieu of that notice).Mandates that a business’s method for consumer request submissions to opt out must be easy to execute, require minimal steps, and not designed in a way that purposefully or substantially subverts or impairs a consumer’s choice to opt out.The change regarding authorized agent requests to a business on behalf of a consumer related to the consumer’s personal information includes the following:When a consumer uses an authorized agent to submit a request for information about the personal data a company has collected from the consumer (or requests to change or delete that personal data), the responding business may now require the authorized agent to provide proof that the consumer gave the agent signed permission to submit the request. The business may also require the consumer to do either of the following:(1) Verify their own identity directly with the business.(2) Directly confirm with the business that they provided the authorized agent permission to submit the request.This is a change from the previous version of the law, which mandated that the consumer provide the authorized agent’s signed permission, in addition to the other two requirements listed above.Who it applies to: All California residents have rights under the CCPA. Any for-profit business that does business in California and meets any of the following criteria must comply with the CCPA:Has a gross annual revenue of over $25 million.Buys, receives, or sells the personal information of 50,000 or more California residents, households, or devices; orDerives 50% or more of their annual revenue from selling California residents’ personal information.When it takes effect: March 15, 2021When it was passed: March 15, 2021 GDPR ChangesNew Standard Contractual Clauses (SCCs) Issued by the European CommissionWhat it Does: The SCCs are a contractual device used to help ensure that personal data transferred outside the EU is kept secure and complies with GDPR requirements, wherein the entity receiving the data contractually agrees to protect the transferred personal data according to stringent GDPR requirements. After the 2020 invalidation of the EU-US Privacy Shield, SCCs are now one of the only viable GDPR-compliant methods for entities within the US to receive personal data from entities in Europe.The new SCCs take into account the decision-making behind the invalidation of the EU-US Privacy Shield. Whereas the old SCCs were rigid, the new SCCs provide a bit more flexibility. They are now “modular,” meaning entities can now choose from a selection of four different models, depending on the type of transaction: controller to controller; controller to processor; processor to sub-processor; and processor to controller. They also expand the rights given to data subjects, including the right to enforce SCC provisions against both the data exporter and data importer. Additionally, the SCCs mandate that data importers must agree to EU jurisdiction (including EU courts as well as compliance with applicable EU data protection laws). There is also a new optional clause (Clause 7) that allows new parties to be added to the SCCs, as well as new Annexes that must be customized for each transaction.Who it applies to: A data importer located in a country without an EU adequacy decision (like the US) that is not itself subject to the GDPR should utilize the new SCCs to transfer personal data from the EU – unless exceptions apply (i.e., the parties are able to rely on an alternate transfer mechanism, etc.). However, Recital 7 of the new SCCs appears to state that when the data importer is itself subject to the GDPR (for example, because the company provides services or goods to individuals living in the EU), the new SCCs cannot be used. This language has left open questions around what transfer mechanism companies should use in that situation (see below for a summary of additional guidance issued by the European Data Protection Board surrounding this issue).Additionally, due to Brexit, the new SCCs do not apply in the UK. The UK Information Commissioner’s Office (ICO) has launched a public consultation on drafting a new set of SCCs for use within the UK.When it takes effect: The new SCCs became effective on June 27, 2021. Any new contracts and processing transactions taking place after September 27, 2021 must use the new SCCs. Any contracts entered into prior to September 27th, 2021 must be updated with the new SCCs by December 27, 2022.When it was issued: June 4, 2021 New Guidance for Cross-Border Data Transfers Issued by the European Data Protection Board ("EDPB")What it Does: The invalidation of EU-US Privacy Sheild in 2020, along with the new SCCs (above), has led to uncertainty around how to comply with the GPDR when transferring data between the EU and countries such as the US that do not have an adequacy decision (i.e., a decision by the European Commission that a country outside the EU offers adequate levels of data protection to safely protect EU personal data that is transferred there). In particular, language within the Recitals of the SCCs states that the new SCCs only apply to data transfers between a data exporter and a data importer who itself is not subject to GDPR. This language has left open questions around what type of transfer mechanism (if any) is needed for a transfer of data to an importer that is already subject to the GDPR.New guidance issued by the EDPB provides some concrete answers to a few of these questions, as well as resolved some other long-standing murkiness about cross-border transfers (even if the guidance does not resolve all uncertainty).For example, the guidance now definitively states that data transfers from an EU-based data exporter to a data importer based outside the EU is, in fact, a transfer within the meaning of Article 44 of the GDPR and therefore would require the importer to enter into an SCC (or possibly adopt Binding Corporate Rules). However, as noted above, if the importer is itself subject to the GDPR, Recital 7 of the new 2021 SCCs state that the new SCCs cannot be used, leaving open the question of what SCC should be used in that situation. Note that the minutes to the European Data Protection Board plenary meeting held in September of 2021 mention that the EU Commission will issue a new set of SCC to govern this type of data transfer.The guidance also settled some long-standing questions around other types of transactions that are not considered transfers of data under Article 44 of the GDPR. For example, the new guidance affirmatively states that “direct collections” of personal data from individuals located within the EU does not constitute a transfer of data (because when the information is collected directly, there is no transfer between controller and processor). It also clarified that “intra-company” data transfers are not considered a transfer of data under Article 44 because a transfer requires two parties. However, note that while these transactions are not considered “transfers” under Article 44, all other applicable GDPR protections still apply and must be followed.Who it applies to: The guidance will be particularly useful for any non-EU organization that needs to transfer or collect data from within the EU. When it takes effect: November 19, 2021When it was issued: November 19, 2021 Other New RegulationsChina’s Personal Information Protection Law (PIPL)What it does: China’s new Personal Information Protection Law is a GDPR-like comprehensive data protection law aimed at protecting the personal information of “natural persons” located within China. It governs how companies collect, process, and transfer personal data of people within China and like the GDPR, is exterritorial in its reach – meaning it applies to companies outside of China that handle the personal data of someone located in China. Also like the GDPR, it allows individuals in China to request access to their personal data that a company has collected and ask for it to be corrected or deleted. And like the GDPR, the regulation includes the risk of large fines against companies that fail to comply with its mandates – including up to five percent of a company’s annual revenue. However, unlike the GDPR, failure to comply also includes the risk of being “blacklisted” by the Chinese government, as well as possible criminal penalties.Multinational organizations with Chinese employees should also be aware that the law contains specific regulations regarding transferring the personal information of Chinese employees across the country’s borders. This means that companies cannot transfer internal employee information (including typical information routinely handled by a company’s HR department) outside of China’s borders without the consent of the employee and meeting other specifications spelled out within the law.Who it applies to: The PIPL protects the personal data of people located in China. It applies to companies operating in China, as well as organizations outside of China that process the personal data of people within China for any of the following reasons:(1) To provide products or services to people in China;(2) To analyze or assess the behavior of people in China; or(3) Any other circumstances that falls under unspecified Chinese laws and regulations.When it takes effect: November 1, 2021When it was issued: August 20, 2021data-privacydata-privacyblog; data-protectionsarah moran