The Electronic Discovery Reference Model, or EDRM, is a framework for dealing with documents that could be relevant to a legal investigation or litigation. Those who work within this framework on a daily basis understand it like the back of their hand. Such people are familiar with an all too common experience: having a stranger ask “What do you do?” and watching that stranger’s eyes glaze over as they try to explain the ins and outs of eDiscovery.
Luckily, the EDRM is more relatable than some might think. This time of year, many of us have fond memories of collecting something and making decisions about what to do with what we collect.
That’s right. We’re going to explain the EDRM through trick-or-treating. We’re going to reflect on how the EDRM might’ve helped us make better decisions about what candy to collect and make the best kinds of candy last longer. As a quick refresher, here’s what the EDRM looks like:
Step 1: Identify
First, legal teams have to identify potential sources of relevant electronically stored information (ESI). Miss a source, and they could miss out on valuable information that could help their case.
Trick-or-treaters need to be similarly strategic. Just like a pending court deadline, there’s only so much time to gather candy. Are you better off going to a neighborhood where the houses are closer together and you can go to more of them? But then what if that neighborhood doesn’t have as many kids, and so a lot of the houses turn their lights out and don’t give out candy? Alternatively, some neighborhoods might have bigger houses that require more walking, but then give out more candy per house. Maybe you can strike the real pay dirt of trick-or-treating: the full size candy bar. What’s the best strategy?
Well, that depends on the trick-or-treater’s objective. Maybe Sally just wants to get as many pieces of candy as possible, while her sister Susie only likes chocolate candy and wants to focus on houses that have given out chocolate in the past.
In a similar fashion, every legal case is different. Some require casting a broad net to get as much information as possible, others required a narrowly tailored approach looking for more specific details. Experienced eDiscovery practitioners know when to pick which strategy.
Step 2a: Preserve
Preservation is one of the most important parts of the EDRM. When it’s time to present in court, you need to be able to prove that any documents you present are still in their original state. While preservation is one of the earlier steps of the EDRM, these things aren’t entirely linear. Preservation needs to be a priority for every other step of the EDRM as well. As case teams dive deeper and deeper into the discovery process, they have to maintain the integrity of the original documents.
This is similar to how trick-or-treaters should not eat any candy until someone verifies that everything is sealed in its original packaging. Even as a kid, I knew not to start eating candy while out and about in the “collection” phase. Instead, I had to bring my candy in and let a parent double check to make sure that everything was what it claimed to be. If something was partially unwrapped and we couldn’t be fully confident about what it was, we threw it out. I could only start eating candy AFTER we confirmed that candy’s integrity.
Step 2b: Collect
This is it! The big night. Actually collecting that candy. We’ve figured out a strategy, and now we can go get all our candy. Each house is a source that gives us something slightly different. It’s also probably the most straightforward trick-or-treating to EDRM comparison so I won’t dwell on it too long.
In eDiscovery, practitioners obviously have to collect data before they can do much of anything else with it. Sometimes that means tracking down deleted data, or looking in places where other people wouldn’t think to look. Sometimes they do this collection remotely, other times onsite. Once teams have gone to all the right sources and gathered as much information as possible, they can start processing that information and help legal teams reach important conclusions.
Step 3a: Process
I mentioned earlier how when I was a kid, my parents would throw out any candy if it wasn’t fully sealed in its original packaging. Oftentimes in eDiscovery, that’s not a realistic option. There can be millions of dollars on the line, and legal teams can’t afford to simply “throw out” any evidence that has questionable integrity.
So how does a legal team reconcile this? They need defensible data, but some of the most important evidence to their case could be from deleted, edited, or corrupted files. Have no fear. Forensics and processing teams are here.
Let’s imagine that one neighbor decided to make homemade treats for trick-or-treaters. And let’s say that treat was easily THE best treat that either Sally or Susie collected in their entire stash. We’ll say it’s a chocolate cookie with a gooey caramel filling meticulously decorated to look like a unicorn. It would break Sally and Susie’s heart if they had to throw it out.
However, mom and dad are a little wary about letting Sally and Susie eat a homemade treat. There’s no ingredient label like there would be on a mass-produced piece of candy, and they don’t really know this neighbor well enough to trust them. What can they do to make sure these treats are safe?
Well if you’re my mother, you might suggest looking at the treats under a microscope to try and figure out what’s in them. Technically, there are actual food science labs that would be able to take that unicorn cookie apart and determine for sure if there’s anything suspect in it.
Data engineers in digital forensics are the eDiscovery equivalent of such a lab. Those who specialize in data processing can deduce information that lay people can’t. They can use metadata to figure out which documents are the unicorn cookie-equivalents that need to be elevated for review. If there are corrupt files, they can intervene and potentially restore documents to their original state in a defensible way. If some documents are in older file formats than many modern computers wouldn’t recognize, they can convert them into more user-friendly formats.
Such experts are able to save “treats” that an ordinary mom and dad might’ve just thrown out. More importantly, they’re able to do this in a way that preserves document integrity, and oftentimes find metadata that helps them better organize documents prior to review.
Step 3b: Review
Sure, a lot of us probably just kept our trick-or-treating haul in one big stash and ate candy whenever we felt like it. But if you wanted to be strategic, you could also introduce a “review” step into things. Remember Susie, our trick-or-treater who only cared about chocolate candy? She might decide to sort her stash into different types of candy so she wouldn’t eat all the best kinds too quickly. Maybe she’ll try to trade the non-chocolate candies she doesn’t like for chocolate.
In the EDRM, Document Review is all about going through documents and coding them as relevant or irrelevant to litigators. They can also implement issue coding to organize relevant documents based on topic, similar to sorting chocolate candy based on sub categories like caramel or peanut butter. With a review team sorting information into the appropriate buckets, litigators can focus their attention on documents that actually matter.
Step 3c: Analyze
Okay. You have your pile of candy. You know exactly how many pieces you have, and how much of each kind you have. Now you can actually start making some strategic decisions. Maybe Susie will decide to trade some of her gummy worms for chocolate. Maybe Sally will decide to ration her candy to a certain number of pieces each week so it lasts longer. (Okay, she probably won’t, but she could!)
This is similar to the analysis phase of the EDRM, when you can start making decisions with full confidence that those decisions are based on reliable data. The review stage was all about figuring out what’s relevant, but the analysis stage goes beyond that. This is where relevant documents become an actual case. Review teams work alongside litigators to find important patterns and thread documents together into narratives that can sway a judge in their favor.
Step 4: Produce
Now that we have a real plan for what kinds of candy we’re going to eat when, and where we maybe have opportunities to improve our haul, we can work with other people who ALSO have candy hauls (and maybe didn’t put as much thought into review and analysis as we did!). We can try to trade some of the candy we don’t like for candy we do like, or maybe Sally will agree to take on Susie’s chores for a week if Susie gives over all her peanut butter cups.
In the litigation process, the “production” step is all about getting the relevant documents you’ve selected ready for the final step, presentation. They have to be in whatever formats were previously agreed upon and they have to be delivered by the previously agreed upon deadlines.
Step 5: Present
Here it is. The moment everyone’s been waiting for: actually eating the candy! After putting so much thought into collecting and organizing this candy, we actually get to reap the benefits of that hard work. We can eat our favorite kinds without going through it too quickly, and knowing all our treats are exactly what they were supposed to be. If we REALLY wanted to, we could even store data about what candy we got from what houses so we make even more informed decisions next year. (It’s never too early to start teaching your kids about the importance of information governance!)
The final stage of the EDRM is presenting. Because we took careful consideration through each of the earlier stages of the EDRM, we can present a strong case in court. We can easily defend the integrity of our documents and the process we used to obtain that information. We were efficient enough to meet our deadlines. At the same time, we also didn’t let any relevant documents slip through the cracks, so opposing counsel can’t surprise us.