Author: ContactWeb

Deploying iOS 18 in the Workplace: Potential Data Security Implications

Posted by on in Uncategorized


With the scheduled release of iOS 18 this fall that is anticipated to feature an Artificial Intelligence powered by ChatGPT, organizations find themselves at a critical juncture. The promise of enhanced productivity and efficiency through advanced AI capabilities is appealing, yet may introduce potential security risks and compliance challenges.


Organizations must be careful to protect data security and comply with relevant regulations as they deploy iOS 18 devices or support existing devices that will move to the updated software. They also need to ensure that in the event of litigation, they can preserve and collect the requisite data on Apple devices.

Let’s explore the key concerns organizations should consider when the iOS 18 update launches.


Decision Points for Organizations

Evaluating Device Policies
Organizations should evaluate their Bring Your Own Device (BYOD) policies. Allowing employees to use iOS 18 devices in a corporate setting without offering guidelines on AI leaves organizations vulnerable to security risks.

 Mobile Device Management (MDM) tools provide organizations with a method to ensure corporate data remains secure and compliance with data handling policies is maintained. MDM can help establish barriers between corporate data and personal data. Whether your organization already uses monitoring software or is looking to invest in it for the first time, consider how solutions are positioned to protect data in the AI-driven future.


Regular Auditing and Updates
As Apple continues to refine iOS 18 after the initial launch, it is important that all corporate devices are kept up to date. Set software to automatically update whenever possible, and make sure employees are aware that even automated updates may not work if a device doesn’t have enough space to accommodate them. Continuous updates are vital for maintaining security and compliance with ever-evolving legal standards.


Implications of Global Privacy Regulations
The deployment of iOS 18 in corporate settings must comply with various global privacy regulations. These laws vary significantly across jurisdictions, making compliance a complex and costly endeavor. Key regulatory frameworks to consider include The EU’s GDPR, California’s CCPA, Brazil’s LGPD, Canada’s PIPEDA, and China’s Personal Information Protection Law (PIPL).

The integration of AI may allow personal and corporate data to be processed off-site and have a significant legal implications. The location of data storage can affect which regulations are applicable to data collection, processing, and storage stages, influencing compliance approach.

The High Cost of Compliance


Adhering to compliance and regulatory standards is not only a legal obligation, but also a significant financial investment. Organizations should consider the allocation of resources for:

Legal and Compliance: Organizations should consider hiring or consulting with experts to navigate the complex regulatory landscape. Regulatory expertise is essential during the identification and preservation phases to ensure compliance.

Technology Upgrades: Organizations should also evaluate the need to invest in new technologies and systems to ensure compliance with data protection standards. Upgrades to existing infrastructure may be necessary during data processing and storage to maintain security and compliance.

Training Programs: Continuous education of employees on the importance of data security and privacy is highly recommended, specifically on the appropriate use of AI tools. This can include tips on how to best use the privacy tools Apple provides by default, and how to use discretion when providing AI tools with sensitive information. Training is crucial to ensure proper data handling and compliance throughout the EDRM lifecycle.


Moving Forward: Balancing Innovation and Security
As we move towards an AI-driven future with iOS 18, organizations should carefully consider the potential risks. The integration of AI into everyday functions promises to enhance productivity and streamline operations, but it also necessitates a robust approach to data security and compliance.

Key Takeaways for Decision-Makers


Develop Comprehensive Policies: Establish clear policies and procedures for the use of AI-integrated devices in the workplace, including data management and security protocols.


Collaborate with Technology Providers: Work closely with service providers and other technology providers to ensure that security measures are up to corporate standards.


Continuous Monitoring and Adaptation: Stay informed about evolving security threats and regulatory changes, and be prepared to adapt your strategies accordingly.


Invest in Compliance: Allocate sufficient resources to comply with global privacy regulations and prepare for the financial impact of these investments.

The fall release of iOS 18 represents a shift in how organizations approach data management and security. By making informed decisions and investing in robust security measures, organizations can harness the power of AI while safeguarding their most valuable asset: data. 

Still have questions? We’re happy to help!

Schedule your consultation with our experts today!

Get in touch!

What to Consider When Buying Legal Tech

Posted by on in eDiscovery 101

The world of legal technology can be a confusing, intimidating place. The solutions available can look similar on the surface, but provide dramatically different outcomes. This begs the question, how do you figure out what solutions are best for your organization?

In today’s blog, we walk through some of the key factors to consider when shopping for new technology.

Functionality

Start by zooming out beyond the type of technology your organization uses and ask… what are we solving for? What kinds of projects do we work on? What clients do we serve, and what are their expectations? What practice areas do we work in, and do they require any nonstandard data populations beyond email? How many users work on our projects, and how do they best communicate with each other? 

If you specialize in eDiscovery litigation, your requirements differ from those working with contracts. eDiscovery and transactional law present different challenges that aren’t always served by the same technology solutions. eDiscovery requires massive data populations, and the ability to search and refine those populations as a project progresses. Contract lifecycle management often focuses on specific clauses or extracting repeatable key data points, but usually doesn’t require the sheer computing power needed for the dataset in a discovery project.

In many organizations, litigators collaborate closely with transactional attorneys, and decision makers are required to balance the needs of both groups when selecting the appropriate technology. Another consideration is how large the organization is. Smaller firms where attorneys work in the same office daily may not need collaboration platforms that are essential for a large multinational corporation.

In addition to “must haves”, it’s often helpful to make a list of “nice to haves.” Maybe it’s not 100% necessary that you be able to automatically integrate any new tool with a solution you’re already using, but it should be a consideration.   

The best place to begin is by considering what sorts of projects the organization must complete on a consistent basis, and where you find the most roadblocks in your current process. Once you’ve defined these parameters, you can better guide your search for technology in the right direction.

Usability

Technology that checks all your functionality boxes isn’t worth much if it lacks usability. Maybe a solution technically can do what your team needs, but if it’s buried under five layers of dropdown menus, users will struggle to use it. Good technology isn’t just functional, but intuitive to the team using it. When it isn’t, it could result in costly, preventable user errors, or lack of adoption that renders your investment a waste.

There are tradeoffs to going too usable. Sometimes, technology is intuitive precisely because it lacks functionality. A menu of ten options will always be more user-friendly than a menu of 100 options. It’s similar to how the “sticky notes” tool on a computer is easy to use with no prior experience, but is ill-suited for well-formatted documents. A word processor can create such documents, but the array of fonts, colors, and spacing options may make it difficult to create exactly what you’re after without some knowledge of how that tool works.  

Reliability

Reliability can be a challenging consideration. It’s something the organization will require, but can be difficult to determine based on a sales demo or marketing material. How often does this tech need to be updated? How long do those updates take, and how easy is it to run them without disrupting your organization’s productivity?

If your organization has dedicated IT staff or more tech-oriented litigation team members, it is worth consulting them before you commit to a solution. They can tell you what technical specifications to look for, and what questions to ask a potential software company or service provider.

Scalability

It’s easy to focus on your existing challenges , but ideally a technology solution will also help solve or prevent problems in the future. All too often, organizations identify the most economical solution, but quickly outgrow it. This could be because adding a few additional users beyond their initial agreement results in exponentially higher costs. Alternatively, their workload triples, leading to unbearable load times when processing the extra data. Either way, yesterday’s ‘solution’ becomes today’s problem. We encourage you to think beyond what can solve your most pressing needs at the best price and consider what’s likely to serve your needs when you scale.

Security

Security concerns are a non-negotiable requirement with legal technology, and buyers and sellers alike have a good comprehension of the importance. But what does it actually mean? How can we assess a tool beyond just looking for the word “secure” in the marketing collateral?

Like many things in our space, there’s a technical and regulatory angle to this. A good starting point is looking for solutions that are already compliant in jurisdictions where you operate. While almost any solution can claim to be “secure” without specifying what they mean by that, “GDPR compliant” describes a strict set of security and privacy criteria that are required within the European Union. Of course, if you operate within the EU it’s imperative to have technology that adheres to its regulations, but even if you don’t, shopping for GDPR compliant solutions ensures that higher standard of security that may not be met by a noncompliant solution. Other standards to look out for could indicate different jurisdictions’ regulations, such as the California Consumer Privacy Act (CCPA), or voluntary standards that still require a third party audit, such as ISO 27001.

From a technical standpoint, it’s important to follow the fundamentals of cybersecurity. Does the solution support multifactor authentication? Does it allow you to set different permissions levels for each user to ensure that they only have access to what is required to perform their responsibilities?

New technology presents new vulnerabilities in cybersecurity as more solutions rely on Artificial Intelligence (AI) and Large Language Models (LLM). It’s important to make sure the sensitive data  fed into the language models is contained within a secure environment, not shared with third parties, and not being used for training other models outside this environment.

Still have questions?

The Contact Team is happy to help you find the technology solutions that suit your organization.

Reach out today!

Is Your eDiscovery Team Up to a “2-Minute Drill?”

Posted by on in eDiscovery 101, Just For Fun, Legal Service Providers

The 2-minute drill. It’s a do-or-die scenario where teams can step up and show what they’re truly made of, and all the best teams are known for how well they can execute in this pressure cooker scenario. Likewise, the best eDiscovery teams are at their best when asked to face near-impossible challenges with somehow-even-more-impossibly-tight deadlines. So, with that in mind, what can we learn from the best football teams, and how do we apply it to eDiscovery teams? How can legal teams figure out if their vendors are set up for a successful 2-minute drill before they actually need one?

The Team Has Multiple Skillsets at the Ready

When a team has both a strong passing game, a strong running game, and a QB who can scramble, it keeps a defense on their toes. The best “2-minute drill teams” of eDiscovery likewise have different skillsets at their disposal. A good eDiscovery team has a lot of different experts across many different disciplines, trust and respect between those disciplines, and effective communication at all levels.

The Team Knows How to Work Together

Imagine a 2-minute drill where the quarterback, O-line, receivers, running backs, and tight ends all came from different teams. Even if they were all great at their respective positions, they’re not going to work the same way as a team that is practicing/playing together all year long.

This is why it’s not just important to have a variety of top-tier experts doing your discovery, but a team that knows how to work together. If your vendor is great at processing, but farms out all their forensics to a sub-contractor, they might have a hard time getting those forensics answers they need when they need them, even if it’s a great forensics contractor! A team that can quickly get the right experts on board right away is preferable to a team that has the experts, but they’re siloed off and not used to working together. This is also where having a consistent, trusted partner in eDiscovery pays dividends, as legal teams that are constantly switching between a long roster of vendors may face more challenges.

They Lay a Strong Foundation From the Beginning

The 2-minute drill is only relevant in close games. Therefore, being good at a 2-minute drill is useless if you go into the last 2 minutes already down by 30 points. Too often, legal teams overestimate what kinds of last minute changes can be made. For example, a production is more than just clicking “native” or “image” on a menu; it can take hours for teams to prepare documents for production, and changing your mind after you’ve started the process takes even more time.

Part of why eDiscovery practitioners are constantly stressing the importance of looping us in as quickly as possible is that the more we can do in those early stages, the better chances of success in the 2-minute drill if one is needed. Not to mention that in an ideal world, you keep your 2-minute drills to a minimum. If you do a good enough job in the earlier stages of your project, you hopefully don’t need one at all because YOU’RE the one that’s winning by 30 points with 2 minutes left.

The Team Knows How To Calculate Risk

There are certain plays that are just bad ideas regardless of how desperate you are. We’ve all seen games where a team got sloppy and turned the ball over because they tried to force a play that wasn’t there.

So much of eDiscovery is about managing risk. It’s often not a choice between “the right way” and “the wrong way,” but a choice between “Plan A that has THESE tradeoffs” and “Plan B that has THOSE tradeoffs.” The same is true in a 2-minute drill. The people who are good at calculating risk during “normal” times are going to be good at calculating it during the 2-minute drill. Part of those calculations include knowing which plays come with too much risk and avoiding them, even if you’re desperate.  

They’re decisive enough to go “no huddle” if necessary.

One of the first things football teams let go of in a 2-minute scenario is the huddle. Is the huddle nice? Sure! There’s a reason that they’re commonplace when there is time to spare. But when the game is on the line with 2 minutes left, teams have to rely on instincts and experience to carry them. What looked like “careful consideration” before suddenly looks like “overthinking” now. Someone has to make a decision, and they probably have to make it with less information than they wish they had.

If a team has a solid foundation of eDiscovery fundamentals, including varied expertise, good risk calculation, and seamless communication, they are more likely to be able to make quick, yet informed decisions if they find themselves in the 2-minute drill scenario.

Digital Forensic Preservation vs. Collection: A Practical Guide

Posted by on in Forensics

Forensic preservation and collection are crucial steps in any investigation or litigation. The choices legal teams make in these early stages not only determine what kind of a legal strategy they could put together, but also how burdensome it is to put that strategy together, and what kinds of audibles they can call downstream if that’s necessary.  

Collection Does Not Equal Preservation

So what exactly do “data collection” and “data preservation” mean and why is it important to keep the ideas separate?
Well..  
Forensic preservation = making sure data remains intact in case it’s needed.
 
Forensic collection = taking data into custody for actual investigation.  

Think of your data population as a grocery store. It doesn’t make sense to buy the entire grocery store to make one dish because maybe you might need those ingredients. It makes far more sense to read your recipe, make a shopping list of ingredients you’ll need, and only buy the ones required.

When you collect every potentially relevant piece of data, you’re effectively buying the whole grocery store. This is usually going to end up being needlessly expensive, and make other processes downstream needlessly burdensome. By preserving data, you keep the grocery store intact and can always go shopping again if your first collection doesn’t pan out the way you want. In some cases, data preservation could be as simple as checking a few boxes on the backend of Microsoft 365. This distinction allows legal teams to benefit from more economical, tailored forensics techniques without leaving important evidence on the table. Preserving data means that you’ll have the option to make a Plan B (or C or D or E!) without the added, costly burden of collecting everything.

So Why Is Forensic Data Preservation Necessary? Isn’t Data Stored Anyway?

For a long time, conventional wisdom was that anything you write on the internet is there forever, but that’s not as true as it once was. Now, most of the technology we use in our day-to-day lives is cloud based, and people are generating so much new data that old data has to go somewhere. Automated deletion has become par for the course in most organizations.

Luckily, data preservation is not always that complicated. It could be as simple as disabling some of those automated deletion functions, and even simple preservation practices can still have a profound impact. More and more organizations are realizing the importance of such strategic data retention. By automating the deletion of redundant or obsolete data, organizations save on data storage, while still ensuring that important data remains available if further investigation is necessary. Forensics technicians can advise you on such policies, and how to organize the data you want to keep.  

When investigations do happen, these data preservation measures can help things run more smoothly, and can set you up to make contingency plans if need be. If it comes out later that crucial data could’ve been preserved but wasn’t, you could face adverse consequences such as sanctions. In a recent antitrust litigation, Google was sanctioned after courts determined a failure to preserve important information.

The important thing here is not to neglect data preservation because you’re assuming data is preserved by default. A digital forensics expert can work with you and your IT team to determine what is and isn’t being preserved already, and what changes to make if any are warranted.

So How Do I Determine What Data To Collect?

Once we let go of the idea that every potentially relevant piece of data needs to be collected as long as it’s preserved, that begs another question: what DO we collect?

Well… it depends.

What are you actually hoping to find during your investigation? Knowing that can guide your forensics team in the right direction. While it’s understandable to want all the information before you’re too committed to a strategy, James Whitehead, Associate Director of Digital Forensics at Contact Discovery, says that’s not always the best order of operations.

“As digital forensics experts, we often bring the most value when legal teams have some idea of what information they’d like to find, and where that information is most likely to live,” James says. “We can control costs and save time if we’re able to narrowly tailor our forensics approach to what’s most likely to prove helpful.”  

Oftentimes, that reluctance to have a more targeted approach stems from a fear of leaving important data behind. By making sure you’re preserving, you’re able to be a little more calculated with collection while still hedging your bets.  

By approaching these two related, yet different forensic processes with the appropriate strategies, legal teams can have their cake and eat it too: effective, efficient investigations without too much clutter in their dataset, while still protecting themselves against spoliation and a lack of contingency options.      

Disclaimer: This content is for general information purposes only, was not written by an attorney, and does not constitute legal advice.

Managed Review vs. Unmanaged Review: Which One’s Right For You?

Posted by on in Document Review, Legal Service Providers

Complex litigation cannot happen without some form of document review, whether that’s managed review or not. Document review cannot happen without reviewers. This raises a lot of questions that most lawyers never learned about in law school: Which reviewers do you hire? What parts of review can be trusted to technology, and what parts absolutely have to be done by humans? What work requires actual attorneys, and what work is better left to other litigation support professionals? 

There’s a myriad of considerations that go into these decisions depending on the case at hand and the capabilities of that particular legal team. One of those decisions is “who should make all the other decisions?” When legal teams are either spread too thin or simply want someone with a different realm of expertise, managed review services can be great for attorneys and their clients.

What eDiscovery Review Teams Do vs. What Lead Attorneys Do

Lawyers are good at a lot of things. They tend to be good researchers, and good at drawing connections between seemingly unconnected pieces of evidence. Unfortunately, those relevant pieces of evidence don’t just show up at a lawyer’s doorstep all wrapped up with a bow. Usually, they’re hidden somewhere in a massive pile of data.

If your legal case is a jigsaw puzzle, most lawyers could probably put that puzzle together just fine if there are relatively few pieces and they all come in the same box. Now, imagine the pieces of the puzzle that you want to make are in a box with thousands of other pieces that make up less relevant pictures. What happens when you’re not even 100% sure you have all the right pieces to make the picture you want to make? Can you find other pieces along the way that might make other helpful pictures?

It would be impossible for any one person to make their chosen puzzle in such a scenario. Instead, you need a coordinated team of people going through documents and coding them as relevant. These reviewers aren’t usually the ones making calls about big picture legal strategy, but they know what kinds of puzzle pieces to look for so that those other attorneys can actually put a picture together.

Finding the right pieces in that unruly pile is a separate skillset from actually putting the pieces together once you have them. Plenty of lawyers have great experience in both these areas, but it’s not a given, and there’s no shame in asking for outside help when you need it.

How Remote Review Services Can Help

Remote review and managed review services allow for legal teams to scale as needed in order to take on larger, review-heavy matters. Smaller teams who don’t have enough man power internally can staff up for one matter, and then scale back down afterwards.

Document review services aren’t just for when you need more reviewers, but sometimes simply different reviewers. Maybe you have documents in a foreign language that no one on your staff speaks; maybe you have a matter outside your normal realm of expertise, and need reviewers with different legal specialties.

Either way, remote review lets you take better care of your clients without having internal hires for every possible scenario that your clients might throw at you (which isn’t realistic for most law firms.)

Remote review is a great option for most law firms, but it comes with challenges of its own. Someone has to decide which reviewers are best suited for your matter. Someone has to decide how many reviewers you need to meet a deadline; those reviewers have to report to someone on a day-to-day basis, and that person needs to have an intimate understanding of the whole case, your overarching legal strategy, and whatever technology you’re using to assist human reviewers. Even after you agree on answers to all those questions, someone should be reevaluating things on a daily basis as new information comes to light. Of course, all these challenges multiply if you’re leveraging remote review for multiple cases.

So that raises a follow-up question…. Who should be that someone?

How Managed Review Can Help

In an unmanaged remote review situation, a client is still on the hook to answer questions from reviewers as they come up; the client needs to clearly communicate to reviewers what they’re looking for, and make sure all these different reviewers are taking a consistent approach to coding documents.

Unmanaged review does cost less money, but there can also be dire consequences if this point person is already spread thin and not able to give review management enough attention. What happens if an attorney gets caught up in court and can’t answer reviewers’ questions? What if they don’t notice that more reviewers are needed until it’s too late? What if they aren’t assessing progress often enough, and don’t realize a pivot in legal strategy is necessary until review is 99% done and there’s still no “smoking gun”?

This is why the biggest law firms that are dealing with complex litigation on a regular basis typically hire dedicated discovery project managers apart from their regular attorneys. They know that discovery can require near constant attention, and oftentimes it’s just not possible to give it that attention while dealing with all the other demands of being a lawyer: writing briefs, going to client meetings, court dates, etc. Such firms also know mismanaging discovery can have dramatic impacts downstream. Therefore, investing in constant vigilance at every step of the process will pay dividends later.

Managed review means you are not only temporarily hiring reviewers, but someone to manage them. Clients get to meet with one point person, describe their legal strategy and what they’re hoping to find in review. That point person turns around and handles all the other emails and meetings with the review team. Project managers can catch issues early on and bring them to the client’s attention.

How Do I Decide Which One Is Right For Me?

There’s different reasons someone might go the managed review route over unmanaged route. One might be that they simply don’t have attorneys with that discovery project management skillset. With managed review, a firm that cannot justify hiring discovery PMs internally can still have the same level of vigilance as a firm that could.

Another reason is that even if attorneys are perfectly capable of managing review themselves, their current caseload just doesn’t allow them to give it the attention it needs. By letting someone else answer more of the emails and sit in on more of the meetings, that attorney can focus on other things that a discovery PM couldn’t do, such as deposing witnesses or writing briefs.

Of course it’s going to depend on many factors specific to your case which can’t be addressed here, but generally the key factors that should shape your decision are:  

  1. Do you have discovery project managers internally? These could be either dedicated personnel or attorneys who have experience managing review.

  2. Do those people actually have enough room on their plate now to take on the responsibilities of managing this review?

If an unmanaged review situation is likely to result in either a) an attorney not having enough time to give all their matters the attention they deserve or b) review being managed by someone who’s never done it before and may not understand the intricacies of it, the managed review route is often best.

Cloud Forensics Is Here To Stay… But It Has A Dark Side

Posted by on in Forensics

Data collection has always been an important first step of any legal investigation. Before the digital age, this could mean dusting a crime scene for fingerprints, or finding bits of the perpetrator’s DNA from some stray hairs.

Now, digital forensics technologists are on a never-ending quest to keep up with our ever-evolving digital landscape. Over the course of the 2010s, one technological development cast a bigger shadow than most. You probably know it as “The Cloud.”

It wasn’t that long ago that the cloud seemed like a mystical enigma. Many people were hesitant to make the migration for fear of security risks. Even as more users got accustomed to cloud backups with their personal technology, enterprise technology lagged behind. In more recent years, that’s changed. Anymore, it’s virtually impossible for a legal team to face a case where there isn’t relevant data in the cloud. So how does that reshape that initial data collection phase?

Why The Cloud Is Unavoidable

At one point, the cloud seemed optional. It was a nice bonus feature that allowed you to easily access your data from any device with an internet connection.

Now, the cloud is our default. Unless a user goes out of their way to avoid it, they’re using it. There are several reasons contributing to this.

For one, devices don’t come with the same local storage they used to. Anymore, a new laptop has less local storage than a new mobile device.

To make matters worse, we’re also creating more data. According to Statista, the total amount of data created, captured, copied, and consumed globally reached 64.2 zettabytes in 2020 (approximately 58.4 billion TB). In 2011, it was just 5 zettabytes.

That’s a 1,284% increase in data vs. when Apple first rolled out iCloud, a staggering figure considering we’re already talking about units as large as zettabytes. According to Statista’s projections, the number is expected to climb up to 181 zettabytes by 2025.

10 years ago, we communicated almost exclusively through email and text messaging. Now, we also have numerous social media channels, collaboration platforms like Slack and Teams, and other direct messaging apps such as WhatsApp, all of which exist alongside conventional texting and email. Many of these platforms make it easier than ever to send larger files such as photos and videos. As our communication channels multiply and multimedia messages become second nature, our need for data storage skyrockets.

The cloud has become the tech industry’s way of doing more with less. Users still get all the data storage they need to account for their changing habits without having to remember which of their six flash drives they saved that last document to. As James Whitehead, Contact Discovery’s Associate Director of Digital Forensics points out, the cloud has also reshaped user expectations.

“Anymore, we require access to our data at a moment’s notice on the device of choice,” Whitehead says. “The cloud allows for that but it also blurs the line between data ownership, and raises questions about what activities we can attribute to which users.”

Cloud usage has also become less dependent on a user’s preferred devices.

“Apple mobile devices were considered low hanging fruit with the multiple methods of backup and fairly easy collection workflows,” says Whitehead. “Androids on the other hand are an unwieldly bunch where the model, chipset, and encryption state affect what if any data can be collected from the device. Enter GoogleOne, Goolge’s answer to iCloud, which provides similar backup functionality to iCloud for Androids!”

With Apple, Microsoft, and Google all following a similar trajectory of essentially forcing users onto the cloud, it’s hard to imagine anyone participating in our modern digital world while opting out of the cloud. That means legal teams can’t opt out either.

The Dark Side = Automated Data Management

As the cloud has taken over, so has something else: Automated Data Management. Rather than nagging users to go through their devices and decide what to delete, devices can just… delete stuff themselves. Users don’t mind because hey, everything’s still on the cloud, ready to be re-downloaded at a moment’s notice if the user so desires. We love that we don’t have to remember to back our devices up, and we love not having to make tough choices about which of our 1,392 dog pictures is cute enough to earn our precious local storage.

As a new automatic cloud backup is created, old ones are overridden. That makes it harder for forensics practitioners to hash out what was done by humans and what was done by machines.

“The algorithms are more efficient in finding stuff to override,” Whitehead says, pointing out that forensics teams often can only access the most recent backup, but not earlier backups. That makes it harder to pinpoint when exactly a particular piece of data was deleted, and what motive a user might’ve had for that deletion.

“Generally we want to attribute an action to a human, i.e. they deleted this data to obscure the investigation,” says Whitehead. “With automated management, data is routinely deleted by the system during normal use. This process is fairly rapid, and the more someone uses their phone, the faster these deletions happen.”

In other words, not only does automated data management make it harder to find that proverbial needle in a haystack, it means that failing to find a needle doesn’t necessarily implicate anyone the way it would if ALL data deletions were human choices.

So What Does All This Mean For Me?

In short, that you must act fast. One of the biggest challenges of our new cloud-based digital ecosphere is that it essentially turns our data into ticking time bombs. At a physical crime scene, you have to dust for prints before the maid comes. Otherwise, the case goes cold. Well, automated data management features mean now we have digital maids that routinely come in and clean up our data. If we want that data, we have to collect it before it’s gone.

Remember those 64.2 zettabytes from 2020? That same study also reports that just 2% of the data produced and consumed in 2020 was saved and retained into 2021. If you do think there’s valuable information out there, you can’t just assume it’ll be there forever.

The good news is that most of these automated features can be disabled, and a good litigation hold protocol will ask parties to do just that. By looping in forensics staff early on in an investigation, you can make sure that all IT teams at all relevant organizations have disabled any automated deletion features that could sabotage your investigation downstream.

The Festivus Airing of Grievances: eDiscovery ALSP edition

Posted by on in Just For Fun, Legal Service Providers

“I’ve got a lot of problems with you people and now, you’re gonna hear about it!”

So said Frank Constanza in an episode of the NBC sitcom, Seinfeld. Over the last couple decades since this famous episode, wherein Frank revives the holiday he invented called “Festivus,” we can’t help but think maybe Frank was onto something.

Sure, the Festivus “airing of grievances” isn’t quite as cheerful as hanging up stockings or drinking eggnog, but sometimes it needs to be done. This is particularly true in the field of eDiscovery and Alternative Legal Service Providers (ALSPs).

Over the last decade, eDiscovery has been through a period of rapid growth. As more and more savvy entrepreneurs see the profit potential of the industry, the more we see clients that have been burned by other service providers who cared more about their bottom line than their clients.

We have a bone to pick with those companies. There’s absolutely no reason why making money has to come at the cost of the clients, and we don’t want attorneys thinking they should just accept it.

Grievance #1: Not billing based on actual time.

Some service providers bill based on how much they anticipate a job should take rather than long a job actually took. You might even think “gee, that’s nice! I don’t have to pay extra when my vendor takes more time than a task should take.”

The flip side of this is that if your service provider estimates a job should take 3 hours but it only takes 30 minutes, they’re pocketing the rest. The client is quite literally paying for hours of labor that never actually happened. Therein lies our grievance. If the party that’s in charge of deciding how long a job “should” take also stands to profit from overestimating, that’s not exactly a system of checks and balances.

Another issue here is the increments of time vendors use. Some won’t break down their billables into anything smaller than an hour, meaning that tasks taking 31 minutes are sometimes billed as a full hour. Do that enough times over a large complex matter, and it adds up to a huge sum of money that once again, is for work that never really happened. For this reason, Contact bills in 15-minute increments to ensure the time our clients pay for lines up with the time the job actually took.

Do the work. Be honest with your clients about how long that work took and bill accordingly. Is that so hard?

Grievance #2: Overcollection

Collecting all the data under the sun is a great way for vendors to pad their check. So much so that they sometimes go ahead and do this even when there’s a miniscule chance that all the extra data will help their client’s case.

In eDiscovery, the amount of data that makes it through each stage of the EDRM affects how much money the client spends on the next step. If your vendor collects a lot of data, then your vendor can charge more for hosting and processing; if the vendor doesn’t narrow down THAT population of data, you continue to spend even more on review. Because collection is one of the earlier steps in the process, there’s huge profit potential for unscrupulous vendors who collect unnecessary data and move it further downstream even when the client will likely never see any ROI.  

For example, does it really make sense to collect a custodian’s iPhone AND their iPad when the devices likely hold similar information that can also be collected remotely from an iCloud backup? Some vendors might know darn well that the majority of what they collect will be redundant, yet they’ll still charge a client to do the collection and bill them for the hours it took to dedupe everything.

Like any other aspect of a legal case, the collection approach is going to vary. Sometimes it does just make sense to collect a lot of data; however, a good vendor with a strong forensics department will weigh the costs and potential rewards of collecting different sources and build a cost-effective strategy. They may even be able to steer you towards data sources you didn’t think of collecting that are more likely to hold relevant information you’re looking for, allowing you to reduce the total amount of data you collect.

Grievance #3: Collecting/elevating bulky files for no real reason

Oftentimes, service providers charge their clients on a per-GB basis. Naturally, some file formats are going to take more GB than others. Photos take more data than text files; audio files take more data than photos; video files take more than audio; there are also many other industry-specific file formats that fall outside the realm of pdfs and jpegs.

As mentioned above, every case is different and sometimes bulky files (i.e. expensive to host and process) just come with the territory. However, bulky files also provide a convenient way for money-grubbing ALSPs to charge clients more without providing more value.

Sometimes those files hold irrelevant information that could be eliminated from the data population. Other times, the same information can be converted to smaller file sizes that would save the client money, but the service provider chooses not to because they care more about a short-term profit than building a long-term relationship with their client.

Grievance #4: Not caring enough about their cases’ outcomes

Attorneys need to create positive outcomes for their clients. Sure, no attorney can feasibly deliver the outcomes that clients want 100% of the time, but they need a high-enough success rate to build and maintain a good reputation and keep their business alive.

This isn’t necessarily true for eDiscovery vendors. For many ALSPs, the outcomes of cases don’t affect the bottom line as much as you might think they would. Assuming a company handles data in a timely manner without any spoliation issues, they can still make a pretty good buck and keep their reputation alive, even with a “losing record” in terms of those actual cases. Too many service providers are content to keep chugging along with this profitable, but lazy model.

Some are content to only return documents that match up with the specified keywords, even if there are others that might help win the case. ALSPs can play defense too. If they turn up documents that undermine their attorney’s current strategy, they can warn the attorney about that vulnerability while there’s still enough time to adapt. The best ALSPs can even help future matters run more smoothly.

 OR they could do none of this and just say “welp, we did our job, here’s your invoice.”

As an ALSP, your client gets paid to win. Ergo, if your services aren’t helping them win, how helpful are you?

What are your legal tech “grievances” this year? Let us know in the comments!

Kyle Rittenhouse Trial Highlights Importance of Technology Expert Witnesses

Posted by on in eDiscovery News, Forensics

Earlier this week, a jury heard closing arguments in the trial of Kyle Rittenhouse. Rittenhouse rose to national prominence in August 2020 after allegedly shooting three people at a Wisconsin protest, two of whom died, the third injured. Now, he stands trial for those alleged crimes.

One unexpected curveball: whether or not the prosecution should be allowed to use an iPad to zoom in on footage that allegedly shows Rittenhouse at the scene of the crime. The defense argued that when one uses the pinch-to-zoom feature available on Apple devices, it alters the footage:

“It uses artificial intelligence, or their logarithms, to create what they believe is happening,” said defense attorney Mark Richards. “So this isn’t actually enhanced video, this is Apple’s iPad programming creating what it thinks is there, not what necessarily is there.”

NOTE: Many publications that have published this quote allege that the defense meant “algorithms” rather than “logarithms.”

Prosecution insisted such alterations don’t happen, and that zooming is no different than putting a magnifying glass over a printed photograph. Judge Bruce Schroeder initially said the prosecution would have to bring in an expert to confirm this, otherwise they’d have to use the raw footage taken from a wider angle.

James Whitehead is the Associate Director of Digital Forensics at Contact Discovery and has served as a digital forensics expert witness on forensic issues.

“I think as we see AI evolve, a new breed of validation questions may arise as the computer begins to generate life like images of events and people that do not exist,” says James Whitehead, Contact Discovery’s Associate Director of Digital Forensics, who has testified as an expert witness in other trials. “There’s an entire industry of applications… that leverage or skew the underlying digital photography [so we can] create panda face versions of ourselves.”

While the panda face apps might be an extreme example, Whitehead was also quick to clarify that the fact these apps exist doesn’t automatically mean the raw data is unreliable.

 “These apps function because the underlying digital image is trustworthy as is the underlying technology,” he said. It’s perhaps paradoxical that as technology gets better, it almost becomes harder for people to trust it.

In court, Judge Schroeder admitted to not having a very good understanding of technology. “I know less than anyone in the room here I’m sure about all this stuff,” he said.

It’s easy for people who live and breathe tech to think that pinch-to-zoom is a standard feature that everyone is familiar with, but then… should that matter? How often laypeople use certain technology isn’t necessarily a good standard for whether or not that technology should be admissible in court.

If a judge knows they don’t understand a topic as Schroeder admits he doesn’t understand pinch-to-zoom technology, it does make some sense to err on the side of caution. Once a jury has seen evidence, the judge can’t change that if they later learn that evidence was unreliable. When judges know they’re out of their depth, deferring to experts before they make a call is quite reasonable.

“The fact finders are a diverse group of individuals,” says Whitehead.  “We must remember that education of the fact finder isn’t a factor to be lightly regarded. The rules of evidence have evolved over the years as has the evidence. It’s still good practice to explain what you are leveraging and why it matters. If evidence or story is technical in nature, [it’s best to] have an expert on standby who can assist with the explanations.”

At the end of the day, criminal trials aren’t about what the Twitterverse thinks; they’re about what judges and juries think. Whether or not the prosecution should need an expert to confirm the validity of pinch-to-zoom footage is beside the point if a judge says they do.

Later in the trial, Judge Schroeder had a change of heart and said the jury could consider the enlarged footage, however he wasn’t shy about expressing his skepticism for it.

 “You’re basing this extremely important segment of the evidence on something that I’m really queasy about,” Schroeder said. “I’m not going to give an instruction on it, but I’ve made my record on the high risk that I think it presents for the case.”

So what can other legal teams learn from this ruling?

For one, that just because technology seems commonplace, that doesn’t mean a judge will understand the ins and outs of the technology well enough to confidently make a ruling on its admissibility. Whitehead says people might be surprised at how often judges expect expert testimony for technology end-users might consider commonplace.

“Technology is wasted on the young, like naps and kindergarten,” he said. “Judges are often removed from the [supposedly] commonplace setting for which our matter may hinge.”

Be ready to defend any part of your case involving technology, and yes, that may even mean expert testimony when you don’t agree expert testimony is needed. In this case, Schroeder initially put the burden of proof on the party that presents that evidence, not the party trying to disqualify evidence. Could that open the door for other teams to cast doubt on opposition’s evidence even if they don’t have their own experts? After this tech debate in such a highly publicized trial, some attorneys that would’ve otherwise thought they can’t get evidence thrown out might try anyway. Even if evidence is ultimately admitted, a drawn out debate about its reliability could still shape jurors’ perceptions of that evidence. Having expert testimony at the ready can potentially prevent such a debate.

Another thing most legal teams know, but this case reinforces: don’t be overly reliant on one “smoking gun” if you can help it. Perhaps the prosecution will be able to get a conviction based on evidence besides their pinch-to-zoom footage. Only time will tell. The one constant of the legal world is that as much as we try to predict it, it remains unpredictable. You never know which evidence could be disqualified, so finding multiple “smoking guns” makes for a stronger case.

How Custom Software Helps Everyone (Even People Who Don’t Need Custom Software!)

Posted by on in Legal Service Providers, Software Development

“Custom” can be a scary word in legal tech.

It sounds expensive.

It sounds hard to implement.

It sounds like there will be longer turnaround times compared to ready-made solutions.

It sounds untested, and unproven. (We all know how much lawyers love unnecessary risk!)

It sounds that way because well… a lot of times it’s true.

For these reasons, it’s understandable that a lot of people shopping for legal technology just don’t want anything “custom.” There’s peace of mind in knowing that other people are already using the same solution and getting great results.

At Contact, we tout our custom software development capabilities a lot, but we still understand and sympathize with this line of thinking. Unfortunately, it often leads to another line of thinking that can be dangerous:

“I don’t need custom software development, so it doesn’t matter if my vendor can do it or not.”

Sure, there are definitely service providers who can do great work without building custom software. Buyers also need to be wary of vendors of the other end of the spectrum. That is, the service provider who’s constantly trying to sell custom solutions to people who don’t need them.

However, we truly believe in our heart of hearts that our ability to build custom software benefits all our clients… even the ones who have no interest in having us build custom software. Here’s why.

Open Communication Between Specialties = More Knowledgeable Team

The eDiscovery industry is dependent on many different professionals, but a lot of them fall into one of two broad categories. In one group, we have developers who build new technology that moves the industry forward. In the other, we have project managers and ops professionals who work on real cases with real teams every day. They have enough working knowledge to get the job done, but not necessarily the skillset it takes to reinvent how work gets done.

The best service providers create a harmonious relationship between these two groups. Some have software development staff internally. Others have trusted vendors that can that do development work as needed and good communication between those vendors and their internal project managers. This symbiotic relationship means technological advances are informed by practical knowledge of real-world challenges. It also means end users aren’t limited to commonplace solutions that might not be the right fit.

On the flip side, if there are too many degrees of separation between developers and the end-users, it’s easy for things to get lost in translation. Sometimes well-meaning developers reinvent a wheel that was working just fine while neglecting bigger pain points.

Even if your vendor isn’t doing any kind of custom build for you, project managers that are dipping a toe into development world semi-regularly often prove more helpful than those who aren’t. They understand what’s “on the menu” when it comes to technology, and tend to be good at communicating it to less tech-savvy personnel. They usually can troubleshoot issues faster, and if they can’t then the people who can are just a short phone call away.

A Company That’s Customizing Regularly Is Learning Things That Others Aren’t.

Believe it or not, you are not your vendor’s only client (mind blowing, isn’t it?) However, this can be a feature, not a bug. Every time your vendor solves a problem for someone else, they’re in a better position to solve a similar problem for you. That can be an enticing prospect for any client that’s scared to be the guinea pig for a new piece of technology. 

The kinds of problems that your vendor solves for their other clients inevitably affect the way they’ll approach yours. If most of your vendor’s other matters can be serviced with old standby methods and technology, they’ll probably be more likely to apply those same tried-and-true solutions to your matters.

That’s not necessarily bad. As the old adage goes, if it ain’t broke, don’t fix it. However, there’s a difference between choosing more traditional techniques because you’ve made an informed decision that they’re your best option, and choosing them because your vendor doesn’t have a very big comfort zone. Too often, the vendors that are clinging to obsolete methods aren’t choosing that path because they’re simply bad service providers; instead, it’s because their client base isn’t challenging that vendor to take on newer obstacles that require updated solutions.

If you want to work with someone who has lots of experience tackling large, intricate, uniquely challenging matters, ask yourself where clients are likely to take those kinds of matters. Odds are they’re going somewhere that has software development on the menu. Even if your case doesn’t fit that bill, teams that are working on those kinds of projects are learning things they can apply to more “by-the-book” matters.  

We like to think we have the best staff in the business, but as knowledgeable as they are they still learn new things with every new project. The more outside-the-box that matter is, the more they learn. The more they learn, the better equipped they are to deal with the next client who brings us a similar challenge.

Custom Doesn’t Always Mean What You Think It Means

Customization isn’t a binary so much as a spectrum. The question at hand should never be “do I need custom software?” so much as “to what extent does my software need to be customized?”

On one extreme you have fully pre-made. This is more like a pre-made sandwich you get from the grab-n-go section of a convenience store. Taking ingredients away or adding other ones isn’t really an option. On the plus side, your sandwich is already made, no wait times.

On the next wrung of the customization ladder, let’s imagine a sandwich shop that has a set menu, but still makes their sandwiches to order. It’s relatively easy to say “hey can you hold the tomato?” or “can you swap that swiss cheese for cheddar?” However, you’re still mostly bound to the menu as written. There’s only so many modifications you can make to your chosen menu item before it just isn’t that practical anymore.

On the next step in line, you have the assembly-line sandwich place. It’s relatively painless to go down the line and specify what ingredients you want and which ones you don’t. That’s a much better experience than saying you want X menu item and then listing 10 different modifications you want to make. However, you’re still limited to the ingredients that shop has on hand.

Finally, you have the most customizable option of all: making your own sandwich at home. You get to use your favorite ingredients that you purchased from whatever store you like. However, it’s more time and effort on your part. Sometimes you’re in a rush and you just want the convenience of someone else making a sandwich for you.

eDiscovery works in a similar way. Sometimes “custom” means building something new from the ground up. It can also mean making relatively minor tweaks to an existing product. Think of a program like Excel. It can work magic if configured the right way for the purpose at hand, but that configuration might not be immediately obvious to a novice user. Such is the case with the most advanced eDiscovery platforms. 

 In our experience, clients are often pleasantly surprised by how far they can get with a little bit of customization to solutions they already have. Sometimes clients that think they need to invest in new tech learn that they don’t have to. On the other side of things, clients that were initially intimidated by the idea of a “custom solution” learn that it doesn’t have to be as cumbersome of a process as they feared.

When you hire a company that is used to customizing on a regular basis, they’ll understand these nuances. They might be able to present slight adaptations to current workflows that are much more workable than the big scary “Custom Solution” you were trying to avoid.

Even if your matter doesn’t require custom software development (and many don’t), it’s a good option to have in your back pocket in case things ever change. Perhaps even more importantly, the teams that are capable of custom software development can take a more holistic approach to any challenge. That’s good for everyone.

How eDiscovery ALSPs Can Build a Better Future for Clients

Posted by on in Legal Service Providers

For better or worse, eDiscovery ALSPs are playing an increasingly important role in complex litigations. That means the choice of who you pick for an eDiscovery vendor is becoming increasingly important too.

On paper, most vendors are essentially the same. They’re all offering to do the same work. Oftentimes price is the main thing differentiating Litigation Depot from Discovery Warehouse. That makes choosing harder, yet it’s still too important a decision to take lightly.

Since oftentimes the question of “can this vendor do the work I need done?” ends up as a draw, it’s important to look at other factors as well. One of the questions we like to raise at Contact is “how will this vendor’s work leave me better off than I was before?”

The way eDiscovery ALSPs approach their work can affect the way legal teams approach matters in the future. Yes, even matters where that client doesn’t re-hire the same service provider. Today, we wanted to give a general overview of the things that future-oriented service providers do differently compared to those that are only focused on one specific matter.

1. Spot vulnerabilities

Every case is different. That means the kind of data that is relevant can vary from case to case. Most vendors will rightfully start by looking for information that is relevant for the case they were actually hired for.

But… what about all those other cases that may or may not have happened yet? A vendor that is too laser-focused on the matter at hand might miss vulnerabilities that could be exploited later. Oftentimes, if you’re going through large chunks of data for one particular matter anyway, it’s more efficient to look for other potential vulnerabilities while you’re at it vs. two totally separate searches for two totally separate matters.

2. Establishing deletion & retention policies

One of the most important pieces of any information governance program is a consistent policy for deletion and retention. If your team does spot vulnerabilities, what do you do next? Deleting data that might be needed later could have disastrous consequences. Retaining literally everything could make future matters just as difficult to manage as this one, if not worse. It can also lead to privacy concerns and potential issues of non-compliance as more and more jurisdictions pass personal data protection laws.

A good eDiscovery service provider can help you make those calls, and give you the insight you need to keep making them later. By helping you delete the things you can, you’re better able to organize the data you do have to retain. Sometimes, the right deletion policies can even prevent future litigations from happening in the first place. 

3. Make data more accessible to the people who need it

One of the reasons legal teams might choose to a hire a vendor in the first place is because they simply don’t have access to the data. This is especially true in cases with a large forensics component, where deleted data needs to be recovered. The nice thing about such a case is once that data is made reviewable once, it doesn’t need to be made reviewable again (at least if you’re doing it right!)

Another challenge can be clients who are overly reliant on outside counsel or other eDiscovery vendors to handle their data. The data exists, but the client wouldn’t know where to find it. Some of the more unscrupulous vendors of eDiscovery like it that way. However, a future-oriented vendor will work to make sure the right people can access their data and easily find the data they actually want while still accounting for all the necessary privacy and security challenges.

4. Standardize workflows

Complex litigation can be overwhelming. Quite frankly, it’s usually still pretty overwhelming even when you do have a good vendor at your side. However, knowing there’s a standard operating procedure whenever major litigation comes up can make a world of difference.

While it is true that every case is different, it’s also true that a few basic fundamentals of discovery rarely, if ever change. Knowing where to start and who’s responsible for what can go a long way.

By having data that’s well organized and accessible to the right parties, it’s much easier to hit the ground running when a litigation comes up. You can quickly and easily check to see if any of the relevant data from prior cases is going to be relevant this time around; you might have a list of places to check for ESI that isn’t immediately accessible; perhaps a shortlist of what vendors to call for what type of work.

This means that your organization can maintain consistency even as employees leave and new ones come on board.

What do you wish more ALSPs would help you with future eDiscovery matters? Let us know in the comments!