Background Note: The Electronic Discovery Reference Model (EDRM) provides a framework for the efficient and effective management of electronic information in the legal process. The EDRM model outlines the various stages involved in the discovery of electronic information, from preservation and collection to review and production. As such, understanding the EDRM is crucial for professionals working in the fields of cybersecurity, information governance, and legal discovery.
Cybersecurity professionals must be aware of the EDRM in order to respond to incidents that may trigger legal proceedings. They must be able to preserve electronic information that may be relevant to the litigation, and be able to identify and collect information that may be used as evidence.
Information governance professionals must understand the EDRM to ensure that their organizations’ electronic information is properly managed and can be produced in response to legal requests. They must be able to assess the risks associated with retaining electronic information and take steps to ensure that the information is protected and can be accessed as needed.
Legal discovery professionals must be familiar with the EDRM in order to manage the discovery process effectively. They must be able to identify and collect electronic information that may be relevant to the litigation, and be able to review and produce the information in a timely and cost-effective manner.
Understanding the EDRM enables professionals to make informed decisions and take effective actions as they conduct eDisclosure, eDiscovery, and Litigation Support.
Defining the EDRM Model #
As you would expect for a technical process, there is an official model showing the various steps involved in the whole procedure. This is known as the Electronic Discovery Reference Model (EDRM). The model is discussed in great detail at www.edrm.net, but for the purposes of this report the standard graphic used to give an overview of the approach is shown below.
If you want to see how the various stages of the EDRM process relate to the procedural requirements contained in the CPR and the related Practice Direction, and what this means in terms of the action that you should be taking in the context of eDisclosure and when, you should refer to the eDisclosure Timeline in Additional Resources section.
Note: Circular Processes
Some of the lines used to link the boxes have arrowheads at each end. This implies (and very often means) that the workflow “loops” around and that having done one box, you need to go back and repeat some previous processes.
The background in the graphic shows the volume of data decreasing as the various stages are completed, with a corresponding rise in the identification of relevant material. The various processes involved in eDisclosure are shown as discrete boxes with workflows between them. The main use of the model for this review is to provide a “shorthand” to explain the functionality that different software products provide.
For example a company specialising in area of Records Information Management, email archiving and the ability to “freeze” documents within a client environment in order to meet the requirements of disclosure (the US “Legal Hold” concept), might state that they “work in the left hand side of the EDRM model”. A forensic firm might focus on the purple Preservation and Collection areas, whereas a litigation support software firm might have literature showing them focused on the blue boxes of Processing, Review and Analysis.
The following sections go through each of the “boxes” of the model and look at three
The official description of the individual process/procedure.
What you as a lawyer might become involved in within this particular process.
Who can help
A brief overview of the types of services and/or software products you might need to support you in this process. Wherever possible software products are named, though these are non-exclusive lists.
Elements of the EDRM Model #
Information Governance #
Getting your electronic house in order to mitigate risk & expenses should eDiscovery become an issue, from initial creation of electronically stored information through its final disposition.
This is an area also known a Litigation Readiness and is normally conducted by the client. You might be called upon to assist in terms of providing advice on data retention requirements for a specific industry.
Who can help
Normally the preserve of the larger consultancy firms working with their clients.
NOTE: There’s a business development opportunity here
Why not approach your clients (possibly with a technology partner by your side) and engage them in conversations about becoming litigation ready. You supply the detailed legal and business specific knowledge and the client is better prepared for the “evil day” of litigation.
Locating potential sources of ESI & determining its scope, breadth & depth.
This is the initial stage where the client comes to you and explains their problem. Using a combination of your legal knowledge and their understanding of the organisation they work for, you should start to get an idea of where the ESI might be located. You might want to incorporate a rough outline of the scope in your initial client care letter, you might be happy with going on what the client tells you (it is their data after all), or you might want to delve a little deeper into what data silo’s exist.
This is very much a “horses for courses” area. A good rule of thumb is; do you know enough about the client and their technology to run a “sanity check” over what they are telling you?” If not, you might want to get some professional help to try and uncover the “nasties”, before they bite you downstream.
Who can help
Some eDisclosure suppliers specialise in producing something called a “data map”. This is NOT a technical document showing all the servers and other bits and pieces that makes up the client’s IT infrastructure. Rather it is a written description (possibly with a diagram or two) of where the various data sources are. For example: “Most of the information is stored on the email servers, but some is on the back-up tapes, and there is a company the main firm took over last year that has got its own IT infrastructure which will need to be examined.”
BEST PRACTICE: Build a “Data Map” as soon as possible
Should be a single piece of A4 that describes where the data is stored and any issues surrounding it. Print it out and have it on the front of the Matter file. The overall concept of a “Data Map” is embodied in Section 2 of the DRD.
Ensuring that ESI is protected against inappropriate alteration or destruction.
Once you have determined the possible scope of the areas you might (or definitely will) be collecting data from, you need to ensure that the client doesn’t delete or damage the ESI in those locations. Again this might be something for your initial engagement letter and you might need technical help. You might cover things like; stopping the re-use of back-up tapes (it can be cheaper to buy a whole new sets of tapes that over-write important evidence), or removing the limits on email in-boxes that cause emails over 60 days old to be deleted, or putting a hold on the re-use of the PC, that was used by the employee who is now suing your client.
Who can help
There are very expensive, mainly US-based tools that will enforce the American concept of “legal hold”. If your client has got this kind of software in place, they are probably involved in serial litigation and you won’t be reading this kind of Guide.
The key area that causes problems is when there is a “disconnect” between the client and their IT department. You might want to make sure that someone from the client’s IT department is involved in the initial meetings/conversations so that they can understand what you are asking the client to do. If you are not comfortable with your level of technical knowledge you might want to take along support from a vendor so they can talk “Geek to Geek”.
WARNING: Forget the Client’s IT staff at your peril
Make sure the Client’s IT people understand what data you are preserving, so that they don’t inadvertently destroy it as part of their normal business practice.
Gathering ESI for further use in the e-discovery process (processing, review, etc.).
As a rough guide, there are two kinds of data collection, those that require a forensic process (complete with chain of evidence documentation) which is normally in cases of fraud, and the rest, where you just need to collect the data in a competent manner. The first group is a specialist area, and if you are involved in this kind of proceedings, you probably have got a “tame” forensic investigator that you can use, if not you need to find one. The forensic data capture might also involve things like retrieving data from mobile phones, making forensic copies of PC’s or other computer equipment, and all other kinds of highly specific activities.
For the more general data collection requirement, there are issues here, more fully explored in subsequent chapters. Suffice it to say, that it is best to have a qualified individual or service provider collect the information and there are pitfalls involved in letting the client do it for themselves. However, in some cases this might be OK. There are two schools of thought on the scope of data collection. One is that you collect very broadly (so you only disturb the client once) and use the downstream processing to winnow out what you need. The other is that you do a focused collection and run
the risk of having to come back and widen the scope. Each is valid, and they are nonexclusive, in that you can start focused and (if the case progresses/warrants it) come back later and do a wider collection for downstream culling.
This is where an understanding of the case, and where the information is stored is invaluable, as you can then make informed decisions. With, of course the price of the different options and how it affects the downstream processing very much to the forefront of people’s minds.
WARNING: Badly collected data can lose you the case
Leave data collection to the experts. If the client offers to do to save money, be very careful and make sure they understand the implications if they get it wrong. It is NOT just a case of copying things from one place to another.
Who can help
The forensic data collection organisations are a specific grouping of service providers. Make sure that you get a forensics company and not just a litigation support service provider that has sent someone on a data collection course. They tend to use products such as Guidance EnCase or Access Data’s FTK toolkit to carry out the collection process, indeed these products are often used by the other group as well, just without the formalised chain of evidence documentation. The key thing is that people in this first group are used to appearing in court as an expert witness to explain how they obtained the specific piece of information.
The second type of data collection can be handled by a number of vendors, though in practice using the specialist organisations and dispensing with the formal side of things is a sound tactic.
Reducing the volume of ESI and converting it, if necessary, to forms more suitable for review & analysis.
The “shorthand” term for this stage is Early Case Assessment (ECA), or more accurately Early Data Assessment. This is where the range of options open to you increases quite dramatically. In the main the processing goes through two stages; first the data is “cleansed” in that unwanted types of information are automatically removed, this process can also involve the identification of duplicate versions of emails etc. Second, the data is loaded into a tool that allows the user to identify the information they want to take forward into the next stage.
The capabilities of the tools at this stage are quite bewildering, but in the main, you are trying to identify the information that you will want for your case, so an understanding of the key people involved in the matter (normally called data “Custodians” in techie speak) is good, as well as the date range that covers when key events happened. You might have an idea of the kinds of terms or keywords that would be useful to search on, but there are other much more powerful technologies at your fingertips that will surpass the results of keywords.
The key to getting maximum benefit from this stage is for you to team up with a sympathetic vendor and let them drive the technical process, whilst you supply the background and legal requirements of the matter.
BEST PRACTICE: Build a partnership with a service provider
Let the service provider drive the processing software; you should focus on giving them the salient points of the case issues, so that you can identify and cull out unwanted data.
Who can help
The choice of software here is split into two groups. On the one hand there are products specifically designed to work in this area. These range from software that third-party suppliers use such as CloudNine Law, IPRO’s Data Processing Solutions, or Nuix Discover, through to tools specifically designed by suppliers for this area, like the DART tool from Insugo. There are a number of these specialist tools, and the mention of those above is not to elevate them above the rest, purely to show examples of the genre.
Secondly, there are products from the next stages of the process (Review & Analysis), that incorporate functionality for this step as well. Products such as Nuix’s Ringtail, come to mind, as does Relativity’s Relativity Processor software, and Opentext (used to be called Recommind) offerings. Again, these are mentioned as examples and not as an exclusive list.
In the first few editions of the Guide, the Early Data Assessment modules of the “All in One” products did not match the functionality provided by dedicated tools. This is no longer the case, which is good news in one way as it adds to the choices available to you, and bad news in another, as it adds complexity to the selection process in this area.
Finally, there are specific ECA tools such as Brainspace and NexLP that are designed to sit alongside the review platforms as “best of breed” ECA options. In 2020/21 Reveal software acquired both of these products with the avowed intent of incorporating the functionality of both systems into Reveal and they are beginning to take on Relativity head-to-head. Continue to watch this space to see how that turns out.
NOTE: Controlling costs starts here
Getting a good deal on processing costs is as important as having the latest technology. There is no escape from this, you have to put in some effort in building a relationship with a service provider in order to understand your option.
Evaluating ESI for relevance & privilege.
For many, this and the next stage form the hub of the eDisclosure process. The products mentioned here will be the environment in which you and your legal team will conduct most (if not all) of your on-line interaction with the data. The first half of the equation is the ability to review ESI and assign values for: Relevance, Privilege, Trade Secret, Personal Data, and as many case-specific topics as you can shake a stick at. By the time you are in this stage, you will (hopefully) know what the issues are that you will be fighting the case on, and the various criteria you will apply to determine relevance et al. Your role will probably be to oversee the team that is carrying out this review work, though in smaller cases you might be doing the work yourself.
For large scale review exercises; you might have to recruit contract legal staff to do the work under supervision or farm the work out to one of the London based managed review facilities. You might have a “near shore” option of a cheaper office outside of London, or you might be involved with an off-shore Legal Processing Operation such as Integreon (India) or Exigent (South Africa). In essence you will direct the team (whatever the size and geographical location) and provide overall Quality Assurance back to the Client.
Who can help
The short answer to this one, is a lot of service providers. There is a lot more analysis of the firms and their products in the Chapters after this, but the broad split is between organisations that have their own software, and specialist software products that are supplied by different types of third-party vendors be they consultancies (of different sizes) or more generic companies (that come from different backgrounds). There is a bewildering mix of software functionality and supplier personnel that combine to give you a multitude of options.
The key is that you should go through a procurement exercise before you are deep in the middle of a case, and thus make the decision in a rational cost-effective manner, and not as a result of a frantic phone call to the first service provider you can find on a Friday afternoon.
That is what the rest of this Guide is about.
NOTE: What works for one firm, doesn’t for another.
The “right” software for law firms, varies according to the people on the legal staff, the kind of law they specialise in, the functionality of the software and the “chemistry” with the people from the service provider.
Evaluating ESI for content & context, including key patterns, topics, people & discussion.
This stage is so interwoven with the previous one, that though they are separated for technical reasons, in practical terms they will often take place within the same piece of software (albeit in some cases with the assistance of specialist plug-in modules).
The trick here is to understand what you need to do in order to meet the legal requirements of the case, and then how the technology can help you. By legal requirements I mean the issues of the matter as bounded by the court, cost and time. There is a scale of software tools available, and which ones you use are defined by the case, not by the product.
I find a useful analogy is the way in which it is possible to capture TV programs so they can be watched when we like. At the bottom end of the scale are VHS / Betamax video recorders, which are good for looking at something from start to end, but that’s about it. So if you want to do a linear review in which you look at virtually every bit of ESI from “document” one to one million, then there are products that are the equivalent of a VHS player that will help you do just that.
If, however, you have a more complex viewing requirement and want the equivalent of Sky HD+ box that allows you to record three shows at once, pause live TV, access the past 7 days of shows and download movies from on-line services, you want the litigation support products with more functionality.
The elephant in this particular room that everyone is avoiding is the concept of Computer Assisted Review or CAR. At this stage all we will do is acknowledge its existence, note that it has a formal definition in a Section or to, and hold that thought until we get to the following Chapters which give you an idea of all the different technologies that are available.
BEST PRACTICE: Understand the “what”, not the “how”.
No-one (particularly the Judiciary) will expect you to be able to explain the workings of the software. If you build an approach that samples the output to show it is working, then you have the basis for agreeing/arguing with your opponent at the first CMC.
Who can help
Same as before. Lots of service providers can help. The trick is to select one who can become a trusted partner, before it all starts getting too hectic.
Delivering ESI to others in appropriate forms & using appropriate delivery mechanisms.
You will want (have) to agree with the other side the scope of what you are delivering. The technical details of what is being handed over can be left to the service providers with the following exception.
It is assumed that the majority of the cases that readers of this Guide are involved in will focus on emails and their attachments, which will mainly be MS Office outputs in terms of Word, Excel and PowerPoint, with some PDF’s thrown in. The battleground here can be the format of those ESI items. Word, Excel, PowerPoint exist in what is called “Native” mode inside their programs, that is you can modify and change the contents of the document, spreadsheet or presentation. Those Native documents have something called metadata associated with them, things like the original creator of the document, the date it was last printed etc. For Excel and PowerPoint, unless the ESI is handed over in Native mode, it isn’t much use to the other side, so they will (quite rightly) insist upon it being handed over in that form. Word can cause all kinds of headaches, in that it can contain “Track Changes” which in turn may or may not hold privilege information etc. An option (reached by agreement with the other side) might be to create text searchable PDF’s and only hand those over.
If the opposition suggests only giving you “TIFF” images of the ESI, you should reject it.
It is sufficient for this level of explanation to know that there are issues in the production of ESI and be aware of them and your preferred approach long before you start engaging with the other side.
Neither you nor the other side should be taking 100% searchable ESI and turning it into images of printed pages. Those kind of games are contrary to Paragraph 34 of PD 31B and could result in an adverse order for costs. If your matter falls within the scope of CPR PD 51U (the eDisclosure Pilot) then the default mode for data exchange is “Native”.
Who can help
Whoever is supporting your litigation software should take care of the technical aspects of exchanging information. You should work with them in understanding the implications of the options that the opposition give to you. A useful best practice protocol and guidelines is available for free here.
NOTE: Used to be only for the specialist few
It is rare that you get to use presentation systems such as those deployed in the Leveson enquiry. Of more likelihood is a request for a set of linked PDF’s and that is something the service providers will happily do for you. Since 2013 and the advent of the Magnum product from Opus 2, you are more likely to find technology in the court room. The pandemic in 20/21 led to a significant uptake in the use of these systems from basic eBundling software through to courtroom support systems.
Displaying ESI before audiences (at depositions, hearings, trials, etc.), especially in native & near-native forms, to elicit further information, validate existing facts or positions, or persuade an audience.
This used to be a very US centric part of the model, and not something the majority of users of this Guide would come across. However, the advent in 2013 of the Magnum system from Opus 2, and in 2014 CaseLines from NetMaster Solutions Ltd, mean that if your case does make it all the way to court, you might well be using a computer system to help you. At a lessor level the ability to create a linked “bundle” of PDF documents is something more firms are becoming aware of, and using where appropriate. 2017 saw the arrival of the XBundle software suite in this area. 2018 ushered in both the TMX trial presentation product from Epiq, aiming to provide competition for Opus 2 and the marketing of the eponymous Bundledocs for the PDF linking solutions. The 2020 year of lockdown saw a big push towards the use of electronic bundles (or eBundles) throughout the litigation process, as well as a much bigger use of trial support software.
Who can help
In England and Wales this is still a specialist area and readers will be able to find the suppliers very easily.
EDRM Summary #
At the start of the process it is about you establishing the scope of the case, identifying the real issues, and then designing and driving the data collection and culling in an informed manner. You should NOT have to get involved in actual processing of data.
Once you are into the Review and Analysis stages, there is a very large range of options. The best advice is to carry out a procurement exercise, were you try as much as possible to compare Apples with Apples. That is what the rest of this Guide is about.