Welcome to Module 2-A.

What Game Does an e-Discovery Team Play?

Interdisciplinary Team ApproachAn e-Discovery Team is an interdisciplinary group of lawyers and IT technicians, usually joined by one or more representatives of business management, but sometimes by scientists and other relevant specialists. Such Teams should be formed in law firms that do e-discovery, and in most large organizations subject to routine e-discovery requests. In law firms the teams will include the firm’s attorneys and paralegals who have special expertise in e-discovery, representatives from the litigation support department, possibly also IT. If a law firm or corporation is large enough to have a records management or information services department, one or more of their members  may also be part of the Team. In either the corporate or law firm environment the Team is dedicated to the tasks of electronic discovery. One of my fundamental premises, which you will see repeated throughout this course, is that such Teams are the most efficient and effective way to do e-discovery. In fact, in my view this kind of Team solution lies at the heart of this new legal field. This is a key module to explain what e-discovery teams do in the context of the EDRM model. For what attorney members of an e-discovery team do, see the EDBP.com model  – Electronic Discovery Best Practices. Unlike EDRM, the EDBP work flow is limited to actual legal work.

So back to the team tasks (lawyers and techs) addressed in this class and what they do: what “games” e-Discovery Teams play?

Hide the ball is certainly not the game for an e-Discovery Team to play. Some cynics think that is what litigation discovery is all about, and in the world of paper discovery, years ago, there was some truth to that. But not today, and certainly not in electronic discovery.

It may be tempting to some, but if you play hide the ball in e-discovery, and get caught, you may not only lose the case, but you may lose your job, and maybe even your license. It is never worth it, just ask Qualcomm’s lawyers who were involved in the Qualcomm v. Broadcom case. Instead, an e-Discovery Team plays a series of games that culminates in throwing the ball to the other side, not hiding it.

Before you can get to the final throwing step of production of electronically stored information (”ESI”), there are a series of preliminary games to be played. Here is how I summarize the e-Discovery Team playbook:

Find the Ball

Save the Ball

Pick up the Ball

Shrink the Ball

Clean the Ball

Aim the Ball

Throw the Ball

The first game of find the ball is called the Identification step in the standard industry language of the Electronic Discovery Reference Model (”EDRM”). By looking at the standard EDRM model below you can quickly see how each game represents a basic step in the EDRM. The first step in the full nine-step model, Records Management, shown at the beginning of this chapter as Records Life Cycle, is not really part of Team-play in the context of litigation, but rather is preparation to play the game. Still, it is a critical part of e-discovery Team work and is discussed throughout the course.


Find the Ball

Find_BallFinding the ball, or Identification, is far easier said then done. For most companies, the problem derives from storing terabytes of data. Imagine a string of warehouses storing a billion basketballs, and you have to search through and find the one ball among them autographed by Michael Jordan. Unless the Team is well established, you probably do not have an accurate, detailed, up-to-date map of all of the warehouses. You probably have only a vague idea where this one basketball might be located. It might be somewhere in a centralized bin, or in any one of dozens of other locations, including closets in employee homes, or off-site Internet storage lockers. It might even exist only in a shrunk down version, hiding in the pocket of one of a thousand employees; perhaps in their thumb-drive, or iPhone. Moreover, every day a thousand basketballs are destroyed (hopefully not the one with Jordan’s autograph), and twelve hundred new ones are added. Yes, it is a very challenging game indeed

To make matters worse, you are never sure exactly what balls you are looking for, especially when the game first begins. You may have to guess, from a vague complaint, what balls are relevant. Under federal notice pleading rules, very few details are required in a complaint to state a cause of action. So defense counsel is often left speculating what ESI will be discoverable and relevant in a new case. Still, you have to start making educated guesses to try to find the right batch of balls. From the large selection first identified, you will eventually throw a few to the other side.

The way most Teams do this is to analyze the dispute to try to determine what the issues will be in the case. This gives you a general idea of the types of balls that may come into play. Then you start to determine a general time line; hopefully the potentially relevant balls will be constrained by time. You may be able to know, with some certainty, that balls made before or after a certain time are not relevant and need not be searched. An e-Discovery Team will also try to limit the search to balls made or stored by certain key players. These are the people in your company that are likely to be involved as witnesses in the lawsuit. The Team’s search should be focused on the storage bins of these key players.

Finding the ball in my sports analogy is called Identification in the standard industry model and represents the first of three steps considered critical to risk management. The other two components are Preservation (saving the ball) and Collection (picking up the balls). If the Team does these three steps correctly, it will protect the company or client from costly sanctions so common in e-discovery work.

Save the Ball

After playing find the ball, the next game is save the ball. Here the Team devises ways to preserve most of the balls identified as potential evidence in the last game. Again, this can be a very challenging game, especially when your company has many different auto-destruct routines in place (and most companies do).


If you think it is easy to stop all of these programs, just ask Intel. They thought they had stopped deletion of excess email for all the key players in the anti-trust case against AMD, but in fact the janitor programs remained in place for the most important players, including the top officers of the company. Their email was deleted for years after the case was filed. They tried to play a very complicated game of save the ball, but failed. For a better idea of just how difficult this game can be, check out Intel’s report to the supervising district court judge on their failed attempts to preserve evidence.This mistake has supposedly already cost Intel millions of dollars to correct by forcing them to go to their backup tapes to find the deleted emails, and the meter is still running. AMD is, of course, claiming that the error was intentional. They would like the court to enter sanctions for spoliation and turn this mistake into an outright win of the whole case.

So make no mistake about it, save the ball is one of the most important games an e-Discovery Team plays. That is why most e-Discovery Teams focus on this game as soon as the Team is formed, and look for ways to improve their company’s litigation hold procedures.

Pick Up the Ball

Pick_Up_BallsAgain, this game sounds easy enough, you just collect the relevant ESI from the data you have identified and preserved. Seems easy, but it is not. There are tricks and traps here aplenty. If you are not careful, you could collect too much or too little. Generally you do not want to simply pick up all of the balls you have saved. That will make the next games too expensive. You want to screen out the ones that are unlikely to be needed, and probably are not relevant at all, but were preserved just in case. You want to preserve more broadly than collect because you never want to play save the ball twice in the same case. Not only is that kind of do-over expensive, but it may be futile because, in the meantime, routine processes may have deleted many balls not saved in the first pass.

You also do not want to pick up too few balls, and leave behind many that are directly relevant and should later be thrown to the other side. That kind of careless collection can also be expensive. It can force you into an expensive do-over, and open you to charges of hiding the ball and the imposition of sanctions. (Sanctions are covered in detail in Section Four of this course.)

Careless collection often occurs if the Team simply delegates this function to the key witnesses, and does not properly supervise or follow-up on their ball-picking efforts. The same comment holds true to the two prior games of ball identification and preservation. The Team cannot over-delegate its responsibility to key players and then just hope for the best. These are their games, and the Team must take responsibility to see they are played correctly. That is the whole purpose of an e-Discovery Team.

For that reason, in most cases it will not suffice to simply send out a preservation letter to the key players which describes the dispute, and then leaves it to them to find the relevant balls for themselves, save them, and pick them up. Without help and supervision from the Team, the key players may not know which of their computer files are relevant, they may not know how to properly preserve this ESI, nor how to collect it. They are sure to make mistakes. Thus, when the key players in a company are called upon to take part in the games, which in itself makes a lot of sense, since they should know their own information better than anyone else, they should be given expert help and advice from the e-Discovery Team. In other words, it is perfectly all right for the Team to delegate some of this work to the key players in the litigation, but the Team must still supervise and follow-up. Ultimately the Team should be responsible, since they are trained and more experienced in collection than the key players. The Team should have personal meetings with the key players and closely monitor their activities. In many cases, the Team should also implement certain safeguarding mechanisms to supplement the key players’ efforts, such as automated copying and keyword searches.

Another common mistake made in pick up the ball is to carelessly change the ball in the very process of picking it up. You could, for instance, change the metadata of a file, such as information as to when it was last viewed, saved, or revised. This is an especially high risk when the Team attempts to rely upon key players to pick up the ball for them. Although this probably will not matter in most cases, in some cases, such as stock backdating cases, this might be very important. As a general rule, the Team tries not to change the ball too much by the act of picking it up. The Team may later strip a file of all or part of its metadata on purpose, if that facilitates later cleaning or throwing, especially if the metadata is not important in the case, or not wanted, but they never want to do it accidentally.

A final common mistake, one of my pet peeves, is to neglect to hash the ball when you collect it, and properly preserve and tie the hash into each ball thereafter. I have described the process of using hash mathematics to authenticate ESI at length in my law review article, HASH: The New Bates Stamp, 12 Journal of Technology Law & Policy 1 (June 2007).

The Team may already have hashed files as part of the preservation game; but if not, it is essential that they now be hashed at the collection stage. Hashing provides a unique identifying alphanumeric value for each computer file collected. This hash value can be later checked to prove that the file has not been altered since it was collected. This is a key step in ESI authentication to allow for admission into evidence at a hearing or trial. In most cases, hashing should be a normal part of ball pickup.

Collection is the last of the three steps that are critical to Risk Management (Identification-Preservation-Collection). It is also the first step of the final Expense Management section of the e-Discovery Team playbook as shown below. These last five steps are by far the most costly games the Team must play to respond to e-discovery requests. For that reason, these are the tasks where excellent play by the Team can save the company money, lots of money. Sucessful Teams have found that they can pay for themselves many times over by playing these games, instead of attorneys or IT acting on their own. In fact, the first e-Discovery Team ever created in 2001 by CISCO claims to have reduced the company’s overall litigation expenses by over sixty-four percent. This, coupled with the risk management advantages of Team play, are the main reasons many companies and lawfirms today are rushing to set up interdisciplinary e-Discovery Teams. Another module in this section, When and Why Should Inside Counsel Start an e-Discovery Team?, will illustrate this case for e-Discovery Teams in detail.

Shrink the Ball

Shrink_Ball.jpgShrink the ball, or Processing, is the game where the Team can save the company the most money. Thus, from a financial perspective, it is the most important game of all. In this culling step, you process the ESI to eliminate as much duplicate and irrelevant information as possible. Here good software and automated process are critical; so too is careful strategic thinking.

The goal is to significantly reduce the amount of ESI that must be reviewed and cleaned in the next steps. Thus, for instance, at the end of the last game you may have identified and preserved 1,000 gigabytes (1 terabyte) of ESI, and collected 500 gigabytes. To give you some idea of the amount of information we are speaking about, in some circumstances the 500 gigabytes may be equivalent to 500 truckloads of paper. It would cost a small fortune for teams of lawyers to read that much paper. We are talking about years of billable lawyer time to read that much data. It would also be a colossal waste of time because they would end up reading the same document dozens, if not hundreds of times. So it is critical to aggressively eliminate the redundant and immaterial ESI in this processing stage. In many cases the 500 gigs can be cut down to 100 or 50 gigs, resulting in tremendous savings in the expensive review games to come.

From what I have seen, this is the game where most attorneys, acting alone and without strong knowledge of e-discovery law, tend to make the most mistakes. They are way too conservative in their play, and end up culling the ESI far less than they should. The result is the Team ends up having to review far too much useless information at great expense. You should play the shrink the ball very aggressively, and be prepared to defend your actions in court if later challenged. The best way to do that is with careful documentation and expenses analysis. Be prepared to demonstrate the great expense you would otherwise have had to incur without such shrinkage.

Clean the Ball

Clean_ballHere is where some of the big money come in, the cost to review the data for privileged, confidential, and irrelevant material. Still, most internal corporate e-Discovery Teams will not clean their own ball, they will hand it off to their caddy to do it for them, typically their outside legal counsel. That is why lawfirm e-Discovery Teams need to be especially adept and efficient at this game. A few of the more mature and well organized corporate Teams have started to review their own data, and clean them the ESI themselves. They have teams of contract attorneys they employ to do this work at reduced rates, some even send the data to lawyers in India for review. But for most Teams, this is advanced play that they do not have the time or skill to attempt.

This is a very important and risky step in the EDRM process and companies want to be sure it is done right. You review the truckloads of email and documents that have not already been culled out in the prior games so that you can remove the files that do not have to be produced. The last thing you want to do is produce privileged materials to your adversary. You need to clean your production of these secret files and produce a log of them instead. Even with a clawback agreement, an accidental disclosure can still result in waiver of your privilege to third parties. You also want to be sure the ESI review catches all confidential materials, and that they are produced with appropriate markings and confidentiality agreements. Trade secrets can be lost forever if they become a public record by filing with a court.

Aim the Ball

Aim_BallNow we come to the lawyerly game of aim the ball where the ESI is analyzed to see how it fits into the case at hand. Here lawyers and paralegals tag each file to an issue, typically using review software. They also make final decisions as to whether and how information is responsive to discovery requests, or otherwise must be produced (or not). The files are categorized and rated for importance. Is this email a smoking gun that could kill your case, or is it merely of marginal relevance to a secondary issue? You had better find this out, and fast, as to each computer file you are about to disclose to the other side. If your analysis of the information to be produced shows you have a strong case, you will approach the case far differently than if your analysis shows you will surely lose when all of the cards are put on the table.

Obviously this analysis stage requires the sure hand and steady aim of trusted outside counsel assigned to defend or prosecute the case. Still, the legal members of the Team should assist and be involved in the analysis and evaluation of the merits of the case. This game concludes with final decisions by legal counsel on what should be produced and what should be withheld. These decisions must be rational and made in good faith.

If analysis shows you have a losing hand, you had better fold early before the other side realizes your position. You cannot do like Qualcomm and decide to withhold evidence just because you don’t like it. You can see where hiding the ball got them – they lost the patent they sued to enforce, they paid over eight million dollars in fees to the other side, their general counsel resigned in disgrace, and their outside counsel had to fight hard to retain their licenses and avoid individual sanctions. When you are a plaintiff and find yourself in this position, you do not file the suit to begin with or, if you discover it in midstream, you should dismiss and cut your losses. The same applies when you are in a defense position. It is not an option to try and hide the evidence that will hurt your defense. You must instead try and make the most of it and settle as best as you can. That is how the American system of justice works and all Teams have to play by these same fundamental rules. Voluntary disclosure may not be the rule in the rest of the world, especially the civil law countries in Europe, but that is how the game is played here. If you are defending or prosecuting a case in the U.S., you are going to have to reveal your data to your adversary, even if that kills your case.

Throw the Ball

Pitcher_Throw_BallThe last game is the culmination of all the rest. The analysis game resulted in final decisions on what files to be produced. Now you actually make the production. Throwing the ball is not really all that hard, so long as you enlist the aid of WORMs. No, not the creepy crawly kind, but the “Write Once, Read Many” times kind, such as optical discs, CDs or DVDs. The ESI on these media cannot be altered after written onto the discs, thus providing you, and the receiving party, with a certain amount of protection that the files will not be accidentally altered. Worms help the parties maintain a permanent record of the ESI produced.

Another tricky aspect of production is deciding the form of production. Do you produce in native format with full internal metadata retained, or do you produce in a TIFF or JPEG format with a load file ready for import into review software? This should have already been worked out with opposing counsel as part of the Rule 26(f) conference, or the original production request; but if not, you have to make these decisions now.

Take the time to clearly mark and label the production media. One thing I hate is a CD production with no writing on it, or just indecipherable handwriting. Write out a full description of the CD and the date of production and name of the case. Think of chain of custody issues and do not forget to make multiple copies. Another thing I have noticed lately is the use of paper labels on CDs. That’s ok, but beware of labels that peel off. As a safeguard, it is better to use ink jet printers that print directly on the CD, instead of glue on labels. If you must use adhesive labels, put some kind of writing directly on the CD itself, just in case it peels off somewhere down the line.

Finally, if you use TIFF or other image type files where you affix Bates stamp type markings to identify individual ESI files, please consider adding a truncated hash value to the file ID. As discussed in HASH: The New Bates Stamp, this will facilitate both identification and authentication, and allow for easier comparison with the native originals.

Concluding Thoughts

These games are difficult. Much like golf, it is not a game of perfect. Mistakes are inevitable. Even the best golfers mess up from time to time and no one wins them all, so why should you be any different? Document your efforts, play it safe, and use redundant systems whenever economically feasible. Thus, when a mistake is later discovered, you may be able to cover it with a backup system. Or, if that is not possible, you can at least show to the supervising judge that you made good faith, reasonable efforts. The judge should understand and cut you a break, maybe even give you a mulligan. If the judge does not realize that mistakes are inevitable, he or she simply does not understand the game. Then it is up to you to explain it to them, or hire an expert who can.

Spespurrier-gatorsaking of that, can you guess the missing team member that we have not discussed yet? The coach. The best e-discovery teams in the world, the ones that win, all have coaches. All good players need a coach to help out from time to time. (I spend a lot of my time doing that now.) They also need total support from management and owners. High salaries help too.

The coaches are experts, but no longer render the legal service themselves. They step in to advise and consult in difficult time-out situations. Or they are called on to prepare for a big new game. The coach designs a game plan. It is also always good to have a coach to lead retrospectives, post-game analysis. Watch the films to learn what went right and what went wrong. Teams without a coach are usually struggling, losing. Even if you have to hire a part-time outside coach for the team, that is better than none at all. Your top performing players deserve nothing less.


ASSIGNED READING AND EXERCISE: Read two or more of the articles and web pages linked to in this module, including the law review article on Hash, if you have not already. What types of cases are hash values most commonly used? Also, in what type of commercial case would hash be of strong value in allowing legitimate discovery while still preserving privacy?

Bonus Exercise: Find out what “Blue Midnight Wish” is and what contest it was entered in.  

Students are invited to leave a public comment below. Insights that might help other students are especially welcome. Let’s collaborate!

Copyright Ralph Losey 2015


Friend of AI. Tech lawyer by day since 1980 with special skills and experience using legal technology, especially AI. Also an Arbitrator (AAA) and legal tech writer. By night an electronic meditation musician-composer since 1973 using computers and synthesizers.

4 Comment on “Sec. 2 – Mod. A

Leave a Reply

%d bloggers like this: