Lighthouse Blog

At Lighthouse our teams have the benefit of working across numerous clients, cases, and jurisdictions. As a result, we are building deep institutional knowledge across many aspects of eDiscovery that may be more difficult for individuals or teams to amass organically. To benefit our clients, we regularly share these insights in an ongoing series of best practices articles. This article provides updated guidance on cross-border eDiscovery in the wake of a recent adequacy determination by the European Commission for EU-US data transfers.Best Practices to Support Cross-Border Data Transfers in eDiscovery In any matter that potentially involves the processing and transfer of personal data across country borders, case teams should consider the following factors before deciding on a strategy:The underlying company’s own policy governing the processing of personal data (including transfer mechanisms, such as consent and/or binding corporate rules)The specific countries at issue (some countries have additional requirements for data residency, heightened consent requirements, etc.)The nature of the data (including special categories of protected data, i.e., high risk data), as well as the importance of the custodian and uniqueness/criticality of the dataThe options and feasibility of obtaining custodian consent for the transfer of their data (e.g., time to obtain consent, employment status of the custodian, the impact of obtaining consent on an investigation)When evaluating options for where the data should be processed, case teams should also consider:The country where most custodians are located (i.e., where the largest volume of data will be located) Data center options (if no data center, consider other cloud based or remote kit options and the impact on downstream search/review)The pros and cons of processing data in a single data repositoryMinimization at the point of collection as opposed to once data is processed into a review toolNote that most clients follow a “hub-centric” approach and process data in accordance with specific regions, e.g., data stored in the US is processed in the US; data stored in Europe is processed in a European data center; data stored in APAC is process either in APAC, depending on the country-specific laws, or in Europe, and so forth.Whenever non-U.S. data is present in a matter, case teams should consider the following best practices for cross-border data transfers:Establish lawful grounds for processing personal data (e.g., custodian consent, adequacy decision, or a legal exception defined by applicable data privacy regulations, such as the GDPR’s legitimate business interest exception). Note that many case teams choose not to rely solely on custodial consent for larger matters, unless the data originates from a highly restrictive jurisdiction (e.g., Switzerland, France, Germany, Luxembourg, etc.) or the matter involves specially protected data. Ensure there are adequate safeguards in place to support exceptions, such as the legitimate business interest exception. At a minimum, this includes efforts to “minimize” what is being processed (i.e., collecting only data that is necessary for the activity at hand). Case teams can minimize the volume of data being processed by using keywords or other filters to reduce what is collected, culling data at the processing stage, conducting a search for certain categories of personal data, redacting personal data, and permitting a custodian to review data prior to transfer.Case teams should also follow specific best practices when encountering any of the below scenarios during eDiscovery: Matters involving U.S. litigations and eDiscovery: Consider adding supplemental data privacy safeguards, including putting a protective order in place that specifically addresses the handling of personal data subject to applicable law (e.g., GDPR and other applicable country specific regulations). This includes provisions to designate certain data as subject to the protective order and specific provisions that require the deletion of data (and confirmation of deletion) once the litigation concludes. Matters involving cross-border transfers from other (non-U.S.) countries: Ensure an appropriate cross-border transfer mechanism is in place for all data transfers. Common examples of appropriate cross-border transfer mechanisms include model contract clauses, intra-company agreements, and adequacy decisions rendered by the European Commission (including the adequacy decision for the new EU-U.S. Data Privacy Framework).Matters involving data originating in China (PRC): Take into consideration all data security implications and PRC laws before transferring any data out of the country (including the requirement to conduct a state-secrets review in-country before any data can be transferred outside the country).Matters involving data originating in countries with heightened privacy restrictions and/or sector-specific requirements (i.e., bank secrecy): Consider processing (and potentially reviewing) data in-country.Document the protocol adhered to for each matter.ConclusionWhile transferring personal data across borders may feel like an increasingly complicated task for legal and eDiscovery teams, it is also a task that will be increasingly necessary as corporate data volumes grow and spread. The good news is that case teams do not have to navigate those complexities alone. An experienced eDiscovery partner with a global footprint and information governance/legal experts on staff can work closely with both outside and in-house counsel to develop a solution for cross-border data transfers that meets the legal requirements and needs of each matter. resource-article; data-privacy; information-governanceCross-border data transfercross-border-data-transfersjamie brown

Similar matters often pull in the same documents for review during eDiscovery. Many legal teams default to manually reviewing these documents for each matter, but this is quickly becoming untenable.Legal teams can reduce the burden of repeated review through the application of advanced technology and proactive review strategies. They may encounter barriers, from limitations of their current tools to concerns about defensibility. But legal teams can take small steps now that overcome these barriers and prepare them to meet the time, budget, and other pressures they face today.Repeated review exacerbates today’s challengesWe're approaching a time when legal teams simply can’t afford to review the same documents multiple times across matters. The size of modern datasets requires teams to reduce eyes-on review wherever possible. Meanwhile, repeated review of the same documents opens the door to inconsistency, error, and risk.When teams succeed in reducing repeated review, they turn their most common pain points into new sources of value. They get more out of their review spend, help review teams work faster, and achieve the accuracy that they expect and the courts demand.In an earlier post, we dig more deeply into when repeated review happens, what it costs, and how technology can support a different approach. If you’re eager to explore solutions, that’s a great place to start.But many legal professionals are unable to think about solutions yet. They face a range of internal and external barriers that make it hard to move or even see past the status quo of repeated review.If that’s the boat you’re in, keep reading.Changing your approach may appear dauntingLegal teams often have solid reasons for persisting with repeated review. These include:Feasibility concerns Every matter is unique, and teams may assume this means nothing of value carries over from one matter to another.Attorneys may distrust the decisions or data practices associated with prior matters. They prefer starting over from scratch, even if it means repeating work.Technology barriers Legacy tools and software lack the advanced AI necessary to save work product and apply learnings from matter to matter, but adopting new technology takes time and money that legal teams are wary of spending.Companies who use multiple vendors and eDiscovery review teams may store their data in multiple places, making it hard to reuse past work product.It’s true that no two matters are exactly alike, adopting new technology can be challenging, and it’s hard to trust the reliability of something you’ve never used before. But this doesn’t mean that repeated review is still the best option. As shown above, the costs are simply too high.So, what do we do about these barriers? How are teams supposed to move past them? The answer: One step at a time.Explore what’s possible by starting smallThese barriers are most formidable when you imagine rethinking your entire review approach. The idea of looking for potential document overlap across a huge portfolio, or finding and implementing a whole new technology suite, may be too overwhelming to put into action.So don’t think of it that way. Take small steps that explore the potential for reducing repeated review and chip away at the barriers holding you back. Instead of “all or nothing,” think “test and learn.”Look ahead to future matters, perform hybrid QC on past decisionsTo explore the feasibility of reducing repeated review, look at one matter with an eye on overlap. Does it share fundamental topics or custodians with any recent or future matters? Is it likely to have spin-off litigations, such as cases in other jurisdictions or a civil suit that follows a federal one?To build trust in decisions made during prior matters, try performing QC with attorneys and technology working in tandem. This can provide a quick and informative assessment of past decisions and calibrate your parameters for review going forward.Find a technology partner who meets you where you areIf your team lacks the technology to reuse work product, the right partner can right-size a solution for your needs and appetite. The hybrid QC example above applies here too. Many legal teams find that QC is an ideal venue for assessing the performance of advanced AI and getting a taste for how it works, because it’s focused, confined, and accompanied by human reviewers. From there, your team might expand to using advanced AI on a single matter, and eventually, on multiple matters. In all cases, your partner can do the heavy lifting of operating the technology, while explaining each step along the way, with enough detail that you can articulate its use and merits in court (or can “tag in” to present that explanation for you). “The right partner” in this context is someone with the data science expertise to apply the technology in the ways you need, along with the legal experience to speak to your questions and need for defensibility.Likewise, when data or case work are spread across multiple teams and locations, a savvy partner can still find ways to avoid duplicate work. This story about coordinating review across 9 jurisdictions is a great example.Take your time—but do take actionThe beauty of starting small is how it respects both the need to improve and the difficulty of making improvements. Changing something as intricate and important as your document review strategy won’t happen overnight. That’s okay. Take your time. But don’t take repeated review as a given. It threatens timelines, budgets, and quality. And it’s not your only option.For more on the subject, including specific scenarios where teams can reduce repeated review, see our in-depth primer.ediscovery-review; ai-and-analyticsreview; ai-and-analytics; ediscovery; ediscovery-processsarah moran

Modern data volumes and complexity have ushered in a new era of document review. The traditional approach, in which paid attorneys manually review all or most documents in a corpus, fails to meet the intense needs of legal teams today.Specifically, legal teams need to:• Scale their document review capability to cover massive datasets• Rapidly build case strategy from key information hidden in those datasets• Manage the risk inherent in having sensitive and regulated information dispersed across those datasetsAdvanced review technology—including AI-powered search tools and analytics—enables teams to meet those needs, while simultaneously controlling costs and maintaining the highest standards of quality and defensibility. Rather than ceding decisions to a computer, reviewers are empowered to make faster decisions with fewer impediments. (For a breakdown of how technology sets reviewers up for success, see our recent blog post). In a nutshell, legal teams that use advanced technology can be more flexible, tackling large datasets with fewer resources, and addressing strategy and risk earlier in the process.A flexible approach to scale: refining the responsive setResponsiveness is the center of all matters. With datasets swelling to millions of documents, legal teams must reduce the responsive set defensibly, cost-efficiently, and in a way they can trust.With traditional eyes-on review, the only way to attempt this is to put more people or hours on the job. And this approach requires reviewers to make every coding decision, which is often mentally taxing and prone to error. Advanced review technology is purpose-built to scale for large datasets and provide a more nuanced assessment of responsiveness. Namely, it assigns a probability score—say, a given document is 90% or 45% likely to be responsive—that you can use to guide the review team. Often this means reviewers start with the highest-probability docs and then proceed through the rest, eventually making their way through the whole corpus. But legal teams have a lot of flexibility beyond that. Combining machine learning with rules-based linguistic models can make responsive sets vastly more precise, decreasing both risk and downstream review costs.Using this approach, machine learning is leveraged for what it does best—identifying clearly responsive and clearly non-responsive materials. For documents that fall in the middle of machine learning’s scoring band—those the model is least certain about—linguistic models built by experts target responsive language found in documents reviewed by humans, and then expand out to find documents with similar language markers. This approach allows legal teams to harness the strengths of both computational scalability and human reasoning to drive superior review outcomes.A flexible approach to strategy: finding key documents fasterOnly about 1% to 1.5% of a responsive set consists of key documents that are central to case planning and strategy. The earlier legal teams get their hands on those documents, the sooner they can start on that invaluable work.Whereas it takes months to find key documents with traditional review, advanced technology shortens the process to mere weeks. This is because key document identification utilizes complex search strings that include key language in context. For example, “Find documents with phrase A, in the vicinity of phrases B, C, and D, but not in documents that have attributes E and F,” and so on. A small team of linguistic experts drafts these searches and refines them as they go, based on feedback from counsel. In one recent matter, this approach to key document identification proved 8 times faster than manual review, and more than 90% of the documents it identified had been missed or discarded by the manual review team.The speed and iterative nature of this process are what enable legal teams to be more flexible with case strategy. First, they have more time to choose and change course. Second, they can guide the search team as their strategy evolves, ensuring they end up with exactly the documents they need to make the strongest case.A flexible approach to risk: assessing privilege and PII sooner and more cost effectivelyReviewing for privilege is a notoriously slow and expensive part of eDiscovery. When following a traditional approach, you can’t even start this chore until after the responsive set is established.With advanced technology, you can review for privilege, PII, and other classifications at the same time that the responsive set is being built. This shortens your overall timeframe and gives you more flexibility to prepare for litigation.Legal teams can even be flexible with their privilege review budget. As with responsiveness, advanced technology will rate how likely a document is to be privileged. Legal teams can choose to send extremely high- and low-scoring documents to less-expensive review teams, since those documents have the least ambiguity. Documents that score in the middle have the most ambiguity, so they can be reviewed by premium reviewers.It’s all about options in the endBroadly speaking, the main benefit of supporting document review with advanced technology is that it gives you a choice. Legal teams have the option to start key tasks sooner, calibrate the amount and level of eyes-on review, and strategize how they use their review budgets. With linear review, those options aren’t available. Legal teams that give themselves these options, by taking advantage of supportive technology, are better able to scale, strategize, and manage risk in the modern era of document review.ediscovery-review; ai-and-analyticsediscovery-review, ai-and-analytics, ai/big dataai-big-data eric pender

Handling large volumes of data during an investigation or litigation can be anxiety-inducing for legal teams. Corporate datasets can become a minefield of sensitive, privileged, and proprietary information that legal teams must identify as quickly as possible in order to mitigate risk. Ironically, corporate data also provides a key to speeding up and improving this process. By reusing metadata and work product from past matters in combination with advanced analytics, organizations can significantly reduce risk and increase efficiency during the review process.In a recent episode of Law & Candor, I discussed the complex nature of corporate data and ways in which the work done on past matters—coupled with analytics and advanced review tools—can be reused and leveraged to reduce risk and increase efficiency for current and future matters. Here are my key takeaways from the conversation.From burden to asset: leveraging data and analytics to gain the advantageThe evolution of analytical tools and technologies continues to change the data landscape for litigation and investigations. In complex matters especially—think multi-district litigation, second requests, large multi-year projects with multiple review streams—the technology and analytics that can now be applied to find responsive data not only helps streamline the review process but can extend corporate knowledge beyond a single matter for a larger purpose. Companies can now use their data to their advantage, transforming it from a liability into an asset. Prior to standardization around threading and TAR and CAL workflows, repository models were the norm. Re-use of issue coding was the best way to gain efficiency, but each matter still began with a clean slate. Now, with more sophisticated analytics, it’s not just coding and work product that can be re-used. The full analysis that went into making coding decisions can be applied to other matters so that the knowledge gained from a review and from the data itself is not lost as new matters come along. This results in greater overall efficiencies—not to mention major cost-savings—over time.Enhanced tools and analytics reduce the risk of PII, privilege, and other sensitive data exposureWith today’s data volumes, the more traditional methods used in review, such as search terms and regular expression (regex), can often result in high data recall with low precision. That is, such a wide net is cast that a lot of data is captured that isn’t terribly significant, and data that does matter can be missed. Analytical modeling can help avoid that pitfall by leveraging prior work product and coding to reduce the size of the data population from the outset, sometimes by as much as 90%, and to help find information that more traditional tools often miss.This is especially impactful when it comes to PII, PHI, and privileged or other sensitive data that may be in the population, because the risk of exposure is significantly reduced as accuracy increases. Upfront costs may seem like a barrier, but downstream cost savings in review make up for itWhen technology and data analytics are used to reduce data volume from the beginning, efficiencies are gained throughout the entire review process; there are exponential gains moving forward in terms of both speed and cost. Unfortunately, the upfront costs may seem steep to the uninitiated, presenting what is the likely barrier to the lack of wide adoption of many advanced technologies. The initial outlay before a project even begins can be perceived as a challenge for eDiscovery cost centers. Also, it can be very difficult for any company to keep up with the rapid evolution of both the complex data landscape and the analytics tools available to address it—the options can seem overwhelming. Finding the right technology partner with both expertise and experience in the appropriate analytics tools and workflows is crucial for making the transition to a more effective approach. A good partner should be able to understand the needs of your company and provide the necessary statistics to support and justify a change. A proof-of-concept exercise is a way to provide compelling evidence that any up-front expenditure will more than justify a revised workflow that will exponentially reduce costs of linear document review.How to get startedSeeing is believing, as they say, and the best way to demonstrate that something works is to see it in action. A proof-of-concept exercise with a real use case—run side-by-side with the existing process—is an effective way to highlight the efficiencies gained by applying the appropriate analytics tools in the right places. A good consulting partner, especially one familiar with the company’s data landscape, should be able to design such a test to show that the downstream cost savings will justify the up-front spend, not just for a single matter, but for other matters as well. Cross-matter analysis and analytics: the new frontierTAR and CAL workflows, which are finally finding wider use, should be the first line of exploration for companies not yet well-versed in how these workflows can optimize efficiency. But that is just the beginning. Advanced analytics tools add an additional level of robustness that can put those workflows into overdrive. Cross-matter analysis and analytics, for example, can address important questions: How can companies use the knowledge and work product gleaned from prior matters and apply them to current and future matters? How can such knowledge be pooled and leveraged, in conjunction with AI or other machine learning tools, to create models that will be applicable to future efforts?Marrying the old school data repository concept with new analytics tools is opening a new world of possibilities that we’re just beginning to explore. It’s a new frontier, and the most intrepid explorers will be the ones that reap the greatest benefits. For more information on data reuse and other review strategies, check out our review solutions page.ai-and-analytics; data-privacy; ediscovery-reviewcorporate; ai-and-analytics; analytics; big-data; compliance-and-investigations; corporationcassie blum

When the Federal Rules of Civil Procedure were amended in December of 2006 to include “electronically-stored information” as an information category subject to discovery, even the most visionary eDiscovery practitioners could not have anticipated what this would mean in the years to come.Although the tech-savvy among them may have anticipated the future challenge of increasing data volumes, who could have foreseen the impact of the Cloud and the exponential growth of data types and communication applications? No one in 2006 could have anticipated the explosion of third-party messaging apps (think WhatsApp, Signal, Snapchat, Telegram, WeChat, etc.) proliferated by a worldwide pandemic. Some of these applications allow users to send encrypted messages or ephemeral messages (messages that disappear after sending) and usually exist outside of native Apple or Android apps. Therefore, they raise uniquely challenging data governance and eDiscovery issues. Unfortunately, for a variety of reasons, organizations have had trouble implementing compliance policies that directly address those downstream eDiscovery and data governance implications. Mobile device policies tend to focus heavily on security considerations, with little attention given to how corporate communications can be preserved, collected, and/or produced should the need arise.Information use policies that require employees to use certain systems for work-related communications and collaboration do not always account for the realities of the business. Additional complexities include the proliferation of chat applications in the market, practical challenges collecting mobile device data (including forensic imaging in some cases), the co-mingling of personal and work data, and privacy implications.But while organizations have struggled to implement policies that address the full breadth of these challenges, eDiscovery obligations remain constant. Given the rise in the use of third-party applications for work communications (in some cases to potentially evade recordkeeping policies for more traditional tools like email), government agencies and regulators have increased scrutiny of how these systems are being used and managed. In doing so, they increasingly consider company policies that manage records and whether adequate controls are in place to ensure compliance. Both in-house and outside counsel have a responsibility to their clients to stay abreast of this increased scrutiny in order to advise them. In light of this responsibility, we are providing an overview of recent regulatory changes, as well as best practices for companies to survive within this new regulatory era. Focus on messaging apps by government agencies and regulators Until very recently, government agencies and regulators investigating companies have focused their attention on communications contained in traditional ”workplace” messaging applications, i.e., systems designed purely for business purposes. Regulated entities have recordkeeping requirements that mandate the retention of specific categories of records for a designated period of time, including communications, with penalties for record-keeping violations. Financial institutions have paid billions in SEC and Commodity Future Trading Commission penalties to settle related allegations. Private equity firms have been in the crosshairs as well. In an ironic twist, the SEC itself has been under scrutiny for similar behavior as members of the House Financial Services Committee and other House panels question whether the agency has suffered similar recordkeeping lapses, illustrating how widespread these apps are and how difficult it is to curtail their use. The 2022 Monaco Memo and subsequent sanctionsAmidst this backdrop, the Department of Justice ("DOJ") stepped up significantly with new directives and corporate compliance guidelines for personal mobile devices and third-party chat applications. In September 2022, Deputy Attorney General Lisa Monaco issued a memo to the DOJ Criminal Division to provide "best corporate practices regarding use of personal devices and third-party messaging platforms" in what has become known as the "Monaco Memo." Monaco stated, "[t]he ubiquity of personal smartphones, tablets, laptops, and other devices poses significant corporate compliance risks, particularly as to the ability of companies to monitor the use of such devices for misconduct and to recover relevant data from them during a subsequent investigation. The rise in use of third-party messaging platforms, including the use of ephemeral and encrypted messaging applications, poses a similar challenge." 2023 DOJ best practice guidelines and DOJ sanctions In February of 2023, the DOJ filed a memorandum in support of sanctions against a large technology company for alleged "intentional and repeated destruction of company chat logs" that the U.S. government sought to use in an antitrust case against the company. The DOJ filing indicated that the company set chats to delete after 24 hours. The Federal Rules of Civil Procedure required the company to suspend its standard retention upon notice of the government's legal action in 2019, which it did not do until it received notice of the 2023 motion for sanctions. In March of 2023, after those sanctions, the DOJ updated its Evaluation of Corporate Compliance Programs ("ECCP") to emphasize the importance of preserving business communications on personal devices, various communications platforms, and messaging applications, including those offering ephemeral messaging. In subsequent remarks announcing the 2023 ECCP best-practice guidelines, Assistant Attorney General Kenneth A. Polite, Jr. pointedly noted that when companies fail to produce communications for DOJ investigations, "a company's answers—or lack of answers—may very well affect the offer it receives to resolve criminal liability. So when crisis hits, let this be top of mind." The 2023 DOJ guidelines state that prosecutors will consider three factors when evaluating the adequacy of corporate policies governing the use of personal devices, communication platforms, and messaging applications: 1. Existing communication channels2. Policies governing the existing communication channels3. Whether the corporation is adequately communicating and consistently enforcing the policiesThese new DOJ guidelines significantly expand the scope of an organization's duty to preserve corporate communications. They create a new preservation duty targeted at business-wide compliance operations. Where internal legal departments may have struggled in the past to implement culture-changing mobile device policies, compliance teams may succeed in garnering the requisite executive buy-in.A path forward for organizationsAs law enforcement agencies and regulators continue to take a more rigorous stance towards messaging applications, companies will need to explore more expansive policies to comply with various obligations to retain and preserve data. But it’s a sticky problem for both sides to address, given the different capabilities of each system, incompatibility of certain tools with regulatory recordkeeping requirements, and the hard realities of today’s workplace. For some organizations, the risks of using certain third-party applications (including the inability of the organization to comply with certain regulatory requirements) simply does not outweigh the benefit to the business, and in these circumstances, companies might choose to not permit them. There may be legitimate business reasons for employees to use these apps—they are readily available, convenient, and provide certain security and data reduction benefits. However, organizations will need to weigh whether those benefits are worth the risk of possibly losing relevant data or enabling potentially nefarious behavior.Policies, procedures, and information governance—again “Guidance” and “controls” are the operative words here. For most businesses—and certainly for those in regulated industries or frequently subject to litigation—information governance and compliance functions only increase in importance as the datasphere continues to become more complex. Guidance: To reduce exposure and risk, businesses first need to consider the requirements they are subject to and clearly define their stance on the use of ephemeral data apps. It helps to have in place a solid information governance framework, with applicable written policies and procedures that reflect that stance. As with all data-related responsibilities, employees should be provided explicit guidance regarding personal devices and messaging tools during onboarding with continual reinforcement during routine training on policies and procedures that should be a part of any robust compliance program. Evidence of rigor in communicating to employees the appropriate use of these messaging platforms vis à vis data retention obligations can only be a benefit in case of an investigation or litigation. Controls: In addition, appropriate controls should be in place to monitor compliance and ensure required preservation, with effective means to handle non-compliance. If personal devices are approved for use, they should be subject to mobile device management (MDM), as well as policies and procedures that address their use to help ensure data safety and security.Realistically, whether or not a company allows the use of third-party apps doesn’t mean employees are sticking with the plan. It is the responsibility of the business to know what their employees are doing. Periodic testing and auditing of messaging applications is well-advised, and any employee misconduct in violation of company policies related to ephemeral messaging should be addressed and documented. Voluntarily self-disclosed misconduct can go a long way in mitigating potential damage and fines. Due consideration should also be given to whether there is the necessary IT infrastructure, resources, and budget to undertake surveillance of employee behavior and to respond to regulatory or legal requests for information, including proper implementation of a legal hold. If ephemeral messaging is allowed, can it be disabled in the event of potential litigation so that potentially relevant material is preserved? If not, there could be a problem.ConclusionThe datasphere is only going to become increasingly complex as more data-creation (and deletion) tools emerge. With regulatory recordkeeping and data retention mandates likely to remain in place, government agencies will continue to scrutinize third-party messaging applications. A robust information governance approach, as usual, is key. Companies with a defensible and effective electronic records retention policy that covers the legitimate use of messaging apps—with employees that are trained in related policies and procedures and how best to use them—will have the best chance of avoiding trouble and/or defending themselves against potential wrongdoing. chat-and-collaboration-data; forensicsforensicsdaniel black; jodi daniels

By now, legal teams facing discovery are aware of many of the common technology and technology-enabled workflows used to increase the efficiency of document review on a single matter. But as data volumes grow and legal budgets shrink, legal teams must begin to think beyond a “matter-by-matter” approach. They must start applying technology more innovatively to create efficiencies across matters to minimize the burden of repeatedly reviewing the same documents again and again. Fortunately, many common technology-enabled review workflows (e.g., technology assisted review (TAR), advanced search guided by linguistic experts, and AI-powered review analytics) can help teams apply work product and insights from past matters to current and future matters. This not only saves time but also increases consistency and lowers the risk of inadvertent disclosures and cumbersome clawbacks.The opportunity to reduce repeated review is quite large, both because the problem is rampant and the technology that can help solve it is underutilized. A 2022 survey by the ABA showed that “predictive coding” is the least common application of eDiscovery software, used by only one in five law firms. In fact, 73% of respondents said they don’t know what predictive coding is (we explain it below). As document review continues to grow in complexity, and budget and other constraints apply pressure from other directions, more organizations should consider taking advantage of everything that technology has to offer.Repeated review is a large and familiar burdenRepeated review is baked into the status quo. Matters spanning multiple jurisdictions, civil litigations tied to government investigations, and matters involving the same or related IP are just a few examples in which the same documents could come up for review multiple times. Instead of looking across matters holistically, legal teams often feel obligated to roll up their sleeves, lower their heads, and review the same documents all over again—even when relevancy overlaps and for categories of information that remain relatively static across matters (privilege, trade secret, personally identifiable information (PII), etc.). This has obvious consequences for time and cost. The time invested on reviewing documents for privilege in a current matter, for example, becomes time saved on future matters involving those same documents. Risk is a factor as well. A document classified as privileged, or that contains PII or another sensitive category, in one matter should be classified the same way in the next one. But without a record of past matters, attorneys start over from scratch each time, which opens the door to inconsistency. And while it’s certainly possible to undo the mistake of producing sensitive documents, it can be quite time-consuming and expensive.Rejecting the status quo While the burden and risks associated with repeated review are felt every day, few legal teams and professionals are searching for a solution. Those willing to look beyond the status quo, however, will see that repeated review isn’t actually necessary, at least not to the degree that it’s done today. We also find that the keys to reducing repeated review lie in technology that many teams already use or have access to.Reusing work product from TAR and CAL workflows TAR 1.0, TAR 2.0, and Continuous Active Learning (CAL) workflows use machine learning technology to search and classify documents based on human input and their own ability to learn and recognize patterns. This is called predictive coding and it’s most often used to prioritize responsive documents for human review. The parameters for responsiveness change with the topics of each matter, so it’s not always possible to reuse those classifications on other matters. TAR and CAL tools can also be effective at making classifications around privilege, PII, and junk documents, which are not redefined from matter to matter. If a document was junk last time (say company logos attached to emails, blank attachments, etc.) it’s going to be junk this time too. Therefore, reusing these classifications made by technology on one matter can save legal teams even more time in the future. Refining review with linguistic expertsLinguistic experts add an extra layer of nuance to document review technology that makes them more precise and effective at classification. They develop complex criteria, based on intricate rules of syntax and language, to search and identify documents in a more targeted way than TAR and CAL tools.They can also help reduce repeated review by conducting bespoke searches informed by past matters. This process is more hands-on than using TAR and CAL tools; human linguists take lessons learned from one matter and incorporate them into their work on a related matter. It’s also more refined, so it can help in ways that TAR and CAL tools can’t.Litigation related to off-label drug use offers a good example. A company might have multiple matters tied to different drugs, making relevance unique for each matter. In this scenario, linguistics experts can identify linguistic markers that show how sales reps communicated with healthcare providers within that company. Then when the next off-label document review project begins, documents with those identifiers can be segregated for faster review. In this way, work from linguistic experts in one matter can help improve efficiency and minimize first-level review work on new matters. Apply learnings across matters using AI Review tools built on AI can reduce repeated review by classifying documents based on how they were classified before. AI tools can act as a “central mind” across matters, using past decisions on company data to make highly precise classifications on new matters. The more matters the AI is used on, the more precise its classifications become. The beauty here is that it applies to any amount of overlap across matters. The AI will recognize any documents that it has reviewed previously and will resurface their past classifications.Some AI tools can even retain the decision on past documents and associate it with a unique hash tag, so that it can tell reviewers how the same or similar documents were coded in previous matters—without the concern of over-retaining documents from past matters. Curious to challenge your status quo?TAR, AI, and other solutions can be invaluable parts of a legal team’s effort to curb repeated review — but they’re not the only part. In fact, the most important factor is a team’s mindset. It takes forethought and commitment to depart from the status quo, especially when it involves unfamiliar tools or strategies.The benefits can be profound, and the road to achieving them may be more accessible than you think.Find tips for starting small, as well as more information about how and why to address the burden of repeated review, in our deep dive on the subject.ai-and-analytics; ediscovery-review; lighting-the-path-to-better-ediscoveryreview, ai-big-data, blog, ai-and-analytics, ediscovery-reviewreview; ai-big-data; blogminimizing-re-reviewsarah moran

To keep up with the big data challenges in modern review, adopting a technology-enabled approach is critical. Modern technology like AI can help case teams defensibly cull datasets and gain unprecedented early insight into their data. But if downstream document review teams are unable to optimize technology within their workflows and review tasks, many of the early benefits gained by technology can quickly be lost.In a recent episode of Law & Candor, I was happy to discuss the ongoing evolution of document review—including the challenges of incorporating available technologies. We explored some of the most pressing eDiscovery challenges, including today’s data complexity, and how to break through the barriers that keep document review stuck in the manual, linear review model. We also discussed the value of expertise and where it may be applied to optimize review in various phases of a project. Here are my key takeaways from our conversation.Increasing data complexity challenges and entrenched manual review paradigms Today’s digital data—a wellspring of languages, emojis, videos, memes, and unique abbreviations—looks nothing like the early days of electronic information, and it is certainly a universe away from the paper world where legal teams had to plow through documents with paper cuts, redaction tape, and all. Yet, that “paper process” thinking—the manual, linear review model—still has a firm hold in the legal community and presents an unfortunate barrier to optimizing review. The evolution is telling. As digital data began to take over, the early AI adopters and the “humans need to look at everything” review camps staked their ground. Although the two are moving closer together as time goes on, the use of technology is not as highly leveraged as it could be, leaving clients to pay the high costs of siloed review when technology-enabled processes could enhance accuracy and reduce costs. There are a variety of factors that can contribute to this resistance, but it may also be simply a matter of comfort; it’s always easier to do what you already know in the face of changes that may seem too difficult or complex to contemplate. For the best result, know when and where to leverage available technologies in the review process Human beings are certainly a core component of the document review process, and they always will be, but thinking about the entire review lifecycle strategically, from collection through trial preparation, is critical when it comes to understanding where you can gain value from technology. Technology should be considered a supplement to—not a substitute for—human assessment and knowing where to use it effectively is important. When considering the overall document review process, two key questions are: Where can you get more value by using technology? And where are the potential areas of either nuanced or high-risk communications that may require a more individualized assessment? The goal, after all, isn’t to replace humans with technology, but rather to replace outmoded contract review factories with smarter alternatives that leverage the strengths of both technology and human expertise. A smaller review team, coupled with experts who can effectively apply machine learning and linguistic modeling techniques in the right place, is a much more efficient and cost-effective approach than simply using a stable of reviewers. Technology buyers need to understand what a given tech does, how it differs from other products, and what expertise should be deployed to optimize its use Ironically, the profusion of viable tech options that can applied to expedite document review may be off-putting, but this is a “many shades of gray” situation. Many products do similar things and it is important to understand what the differences are—they may be significant. Today’s tools are quite powerful and layering them alongside the TAR tools that document review teams have become more familiar with is what allows for the true optimization of the review process. These tools are not plug-and-play, however. You need to know what you’re doing. It takes specific expertise to be able to assess the needs of the matter, the nature of the data, the efficacy of the appropriate tools, and whether they’re providing the expected result. Collaboration is still the critical core component of document reviewAnd let’s not forget that document review is a collaborative process between client counsel, project managers, and the review team. Within this crucial collaboration, specific expertise at various points in the process ensures the best result, including: • Expertise in review consulting to assess the right options for both the data that’s been collected and the project goals.• Individualized experts in both the out-of-the-box TAR technology as well as any proprietary technology being used so that the tech can be fine-tuned to optimize the benefits.• A core team of expert human reviewers with the appropriate skills.Experimentation with technology can help bridge the divideWith so many products available to enhance the document review workflow, it makes sense to test potential options. Running a parallel process for a particular aspect of the review to get comfortable with a new product can be very helpful. For example, privilege review, which is an expensive part of the review process, could be a good place to test an alternate workflow. An integrated approach works bestThe bottom line is that an integrated approach, advanced technology, and human expertise, is the best solution. The technology to increase the efficiency and effectiveness of document review is out there and most of it has been shown to be low risk and high value. The cost-effectiveness of an integrated approach has been shown over and over again: In using the appropriate technology, budgets can be reduced, and savings reinvested in new matters. It is up to the client and their legal and technology teams to work together in deciding what combination of tools makes the most sense for their organization and matter types. Just make sure to call upon those with the appropriate expertise to provide guidance. For more examples of how AI and human expertise are optimizing review, check out our review solutions page. ai-and-analytics; ediscovery-reviewai-big-data, blog, managed-review, ai-and-analytics, ediscovery-reviewai-big-data; blog; managed-reviewmary newman

Generative AI. Bard. Bing AI. Large language models. Artificial intelligence continues to dominate headlines and workplace chats across every industry since OpenAI’s public release of ChatGPT in November of 2022. Nowhere was this more evident than at this year’s Legalweek event. The annual conference, which gathers thousands of attorneys, legal practitioners, and eDiscovery providers together in New York City, was dominated by discussions of ChatGPT and AI. This makes sense, of course. Attorneys must understand how major technology shifts will impact their clients or companies—especially those in eDiscovery and information governance who deal with corporate data and its challenges. But there was a slight twist to the discussions about ChatGPT. In addition to the possible impacts and risks to clients who use the technology, there was just as much, if not more, focus on how it could be used to streamline eDiscovery.The idea of using a tool released to the public less than four months ago seems almost ironic in an industry with a reputation for slowly adopting technology. Indeed, a 2022 ABA survey showed that as few as 19.2% of lawyers use predictive coding technology (i.e., technology assisted review or TAR) for document review, up from just 12% in 2018. Even surveys dominated by eDiscovery software providers showed TAR was being used on less than 30% of matters in 2022. Given that the technology behind traditional TAR tools has existed since the 1970s and the use of TAR has been widely accepted (and even encouraged) by court systems around the world for over a decade, these statistics are strikingly low.So, what is driving this recent enthusiasm in the industry around AI? The accessibility and generative results of ChatGPT is certainly a factor. After all, even a child can quickly learn how to use ChatGPT to generate new content from a simple query. But the recent excitement in eDiscovery also seems to be driven by the significant challenges attorneys are encountering:Macroeconomic volatility and unpredictability have been a near constant stressor for both corporate legal departments and law firms. Legal budgets are shrinking, and layoffs have plagued almost every industry, leaving legal teams to do the same volume of work with fewer resources.Corporate legal teams are being pressured to evolve from a cost center to one that generates revenue and savings, while attorneys at law firms are expected to add value and expertise to all sectors of a company’s business, beyond the litigation and legal sectors they’ve traditionally operated in. And all attorneys are facing increasing demand to become experts in the risks and challenges of the ever-evolving list of new technology used by their clients and companies.New technology is generating unprecedented volumes of corporate data in new formats, while eDiscovery teams are still grappling with better ways to collect, review, and produce older data formats (modern attachments, collaboration data, text messages, etc.) In short, even the most technology-shy attorneys may be finding themselves at a technology “tipping point,” realizing that it is impossible to overcome some of these challenges without leveraging AI and other forms of advanced technology. But while the challenges may seem grim, there is an inherent hopefulness in this moment. The legal industry’s tendency to adopt AI technology more slowly than other sectors means there’s ample opportunity for growth. Some forward-thinking legal teams, with the help of eDiscovery providers, have already been leveraging advanced AI technology to substantially increase the efficiency and accuracy of eDiscovery workflows. This includes tools that utilize the technology behind ChatGPT, including large language models and natural language processing (NLP). And unlike ChatGPT, where privacy concerns have already been flagged regarding its use, existing AI solutions for eDiscovery were developed specifically to meet the stricter requirements of the legal industry—with some already overcoming tough scrutiny from regulators, opposing counsel, and courts. In other words, the big eDiscovery question of 2023 may not be, “Can ChatGPT revolutionize eDiscovery in the future?” but rather, “What can advanced AI and analytic tools do for eDiscovery practitioners right now?” While the former is up for debate, there are definitive answers to the latter threaded throughout many of the other major industry discussions happening now. Some of those discussions include:If you want to go far, go together Today’s larger and more complicated data volumes often make the traditional eDiscovery model feel like the proverbial round hole that the square (data) peg was not designed to fit into. And it’s becoming increasingly expensive for legal teams to try to do so. To operate in this new era, it’s essential to work with partners who can help you meet your data needs and align with your goals. A good example is when an in-house legal team partners with a technology-forward law firm and eDiscovery provider to build a more streamlined and modern eDiscovery program. This kind of partnership provides the resources, expertise, and technology needed to take a more holistic approach to eDiscovery—breaking away from the traditional model of starting each new matter from scratch. These teams can work together to create and deploy tools and expertise that reduce costs and improve review outcomes across all matters. For example, customized AI classifiers built with data and work product from the company’s past matters, cross-matter analytics that identify review and data trends, and tailored review workflows to increase efficiency and accuracy for specific use cases. This partnership approach is a microcosm of how different organizations and teams can work together to overcome common industry challenges. Technology that meets us where we areDespite all the chatter around ChatGPT, there is currently no “easy AI button” to automate the document review process. However, modern eDiscovery technology (including advanced AI) can be integrated into almost every stage of the document review process in different ways, depending on a case team’s goals. This technology-integrated approach to eDiscovery workflows can help case teams achieve unprecedented efficiency and review accuracy, mitigate risks of inadvertently producing sensitive documents, minimize review redundancy across matters, and quickly pull out key themes, timelines, and documents hidden within large data volumes. Technology-forward law firms and managed review partners can help case teams integrate advanced technology and specialized expertise to achieve these goals in a defensible way that works with each company’s existing data and workflows. The only constant is change The days of a static, rarely updated information governance program are gone. The nature of cloud data, the speed of technology evolution and adoption, and the increasingly complex patchwork of data privacy and security regulations mean that legal and compliance teams need to be nimble and ready for the next new data challenge. New generative AI tools like ChatGPT may only add to this complexity. While this type of technology may be largely off limits in the near future for eDiscovery providers and law firms due to client confidentiality, data privacy, and AI transparency issues, companies in other industries have already begun using it. Legal and compliance teams will need to ensure that any new data created by generative AI tools follow applicable data retention guidelines and regulations and begin to think through how this new data will impact eDiscovery workflows.The furor and excitement over the potential use cases for ChatGPT in eDiscovery are a hopeful sign that more legal practitioners are realizing the potential of AI and advanced analytic technology. This change will help push the industry forward, as more in-house teams, outside counsel, and eDiscovery providers partner together to overcome some of the industry’s toughest data challenges with advanced technology.For other stories on practical applications of AI and analytics in eDiscovery, check out more Lighthouse content. lighting-the-way-for-review; ai-and-analytics; lighting-the-path-to-better-reviewai-big-data, blog, ai-and-analytics,ai-big-data; blogsarah moran