When Your Legal Tech Vendor Gets Breached: DocketWise Incident Exposes 116,666 Immigration Records and a Profession’s Blind Spot

Apr 9, 2026

Editor’s Note: A data breach at DocketWise, a widely used immigration case management platform in the United States, has exposed the personal records of 116,666 individuals — including Social Security numbers, passport data, medical records, and attorney-client case information. The breach, which began in September 2025 but was not publicly disclosed until April 2026, occurred through cloned repositories in a data migration pipeline accessed with stolen credentials, placing it squarely within the supply chain attack pattern that has defined the cybersecurity threat landscape over the past year.

For cybersecurity, data privacy, and eDiscovery professionals, this incident sits at a rare and uncomfortable intersection: vendor security failure, attorney-client privilege exposure, and the heightened sensitivity of immigration data in a period of intensified federal enforcement. The ethical obligations triggered by this breach — from ABA-mandated vendor monitoring to privilege review under Federal Rule of Evidence 502(b) — create immediate work for every firm that relied on DocketWise. The class action investigations already launched suggest the legal fallout is just beginning.

Watch for developments on two fronts: whether affected firms face privilege challenges in active immigration proceedings, and whether the class action litigation establishes new precedent for vendor liability standards in legal technology. Both outcomes will shape how law firms evaluate and monitor their technology partners going forward.

Content Assessment: When Your Legal Tech Vendor Gets Breached: DocketWise Incident Exposes 116,666 Immigration Records and a Profession’s Blind Spot

Information - 93%

Insight - 93%

Relevance - 92%

Objectivity - 91%

Authority - 91%

92%

Excellent

A short percentage-based assessment of the qualitative benefit expressed as a percentage of positive reception of the recent article from ComplexDiscovery OÜ titled, "When Your Legal Tech Vendor Gets Breached: DocketWise Incident Exposes 116,666 Immigration Records and a Profession’s Blind Spot."

Industry News – Cybersecurity Beat

When Your Legal Tech Vendor Gets Breached: DocketWise Incident Exposes 116,666 Immigration Records and a Profession’s Blind Spot

ComplexDiscovery Staff

The immigration attorneys who trusted DocketWise with their most sensitive case files — asylum applications, deportation defense records, visa petitions containing Social Security numbers and passport data — learned in early April of 2026 that an unauthorized actor had been inside the platform’s data migration pipeline since September 2025. The breach, disclosed to the Maine Attorney General on April 3, exposed the personal information of 116,666 individuals, and the forensic details raise uncomfortable questions that extend well beyond one vendor’s security posture.

DocketWise, a cloud-based immigration case management platform now owned by 8am (formerly AffiniPay) through its MyCase subsidiary, provides form preparation, case tracking, and client relationship management tools to U.S. immigration law firms. At the time of its acquisition by MyCase in 2022, DocketWise reported over 6,000 customers across over 2,500 law firms, nonprofits, and companies. Founded in 2016, the platform had positioned itself as the go-to solution for immigration practitioners seeking to consolidate client intake, document assembly, and billing into a single system. That consolidation — the very feature that made DocketWise attractive — also meant that when the breach occurred, the blast radius was extraordinary.

According to the company’s breach notification, an unauthorized actor used valid credentials to clone certain third-party partner repositories. Some of those repositories were part of a data migration pipeline for the DocketWise application and contained what the company described as “unstructured data” belonging to law firm customers across the platform, including personal information of the firms’ clients. The incident occurred on or around September 1, 2025. DocketWise detected possible credential compromise in October 2025, confirmed the scope on February 19, 2026, and began consumer notifications on April 3, 2026 — roughly seven months after the initial compromise and about five months after DocketWise first detected suspicious access. The Maine Attorney General notification, filed on behalf of five named law firm clients, identified 13 Maine residents among the 116,666 affected individuals nationwide.

The scope of exposed data reads like a checklist designed to maximize identity theft and immigration enforcement risk. According to the filing, compromised information spanned personal identifiers (names, addresses, dates of birth), government-issued IDs (Social Security numbers, driver’s license numbers, passport numbers, tax identification numbers), financial information (account details, access credentials, payment card numbers), medical information (health insurance policy numbers, condition and treatment data), and online account credentials (usernames and passwords for financial and non-financial accounts). The breadth tracks the formal enumeration in the Maine Attorney General filing.

For the eDiscovery and information governance community, the DocketWise breach is far from a routine vendor security failure notification to be filed and forgotten. It represents a convergence of three distinct professional obligations that rarely collide with this much force.

The Vendor Due Diligence Question

ABA Model Rule 1.1, through Comment 8, requires lawyers to maintain competence in the technology they use in practice. Model Rule 1.6(c) imposes a duty to make reasonable efforts to prevent unauthorized access to client information. Together, these rules create an affirmative obligation for firms to conduct security due diligence on every technology vendor that touches client data — and to monitor those vendors on an ongoing basis, not just at the point of contract signing.

The question confronting every immigration firm that used DocketWise is whether their vendor vetting process would survive scrutiny. Did they review DocketWise’s security certifications? Did their engagement agreements include breach notification timelines, data handling requirements, and incident response provisions? Were there regular security assessments after the initial onboarding? For many small and mid-sized immigration practices — the core of DocketWise’s customer base — the honest answer is likely no.

ABA Formal Opinion 483 (2018) addressed this directly, stating that lawyers have an obligation to monitor their technology vendors’ data security controls — an obligation that applies to both law-firm own-system breaches and incidents originating at third-party vendors. The New York City Bar’s Formal Opinion 2024-3 further clarified that when a cybersecurity incident occurs, a lawyer must act reasonably and promptly to stop the breach and mitigate damage. But between the initial compromise in September 2025 and the April 2026 notification, seven months elapsed. Immigration attorneys whose clients’ data was exposed had no opportunity to take protective action during that window — and many of those clients may be in active removal proceedings where exposed data could have immediate, life-altering consequences.

Privilege and Work Product Under Siege

The nature of the exposed data raises a distinct and thorny problem for litigators and eDiscovery professionals. Immigration case management platforms like DocketWise do not simply store client contact information. They house attorney-client communications, case strategy documents, declarations, legal memoranda, and work product prepared in anticipation of immigration proceedings that are, in many cases, adversarial.

When this type of data is exposed through a third-party breach, the privilege analysis becomes extraordinarily complicated. Under the federal common law of privilege, inadvertent disclosure does not automatically waive attorney-client privilege — but the analysis under Federal Rule of Evidence 502(b) hinges on whether the holder of the privilege took reasonable steps to prevent disclosure and promptly took reasonable steps to rectify the error upon discovering it. Here, the “holder” is the law firm, but the disclosure was caused by a vendor the firm entrusted with its data. Whether the firm’s reliance on DocketWise’s security constituted “reasonable steps” is now an open question — one that courts will assess on a case-specific basis — and opposing counsel in active immigration matters could exploit the ambiguity.

For eDiscovery practitioners advising affected firms, the immediate action items are concrete. First, every active matter that involved data stored in DocketWise requires a privilege review to identify what communications and work product may have been exposed. Second, firms should evaluate whether legal hold obligations are triggered — not for the underlying immigration matters, but for potential claims against DocketWise itself and for regulatory inquiries that may follow. Third, firms must assess whether any exposed documents were previously produced in discovery or relied upon in proceedings, because the integrity of those documents may now be in question.

Immigration Data in the Current Enforcement Climate

What elevates this breach from a serious cybersecurity incident to a potential human rights concern is the nature of the affected population and the current political environment. The individuals whose records were exposed are immigration clients — people who shared their most intimate personal details with attorneys precisely because attorney-client confidentiality was supposed to protect that information from disclosure.

The breach occurred against a backdrop of dramatically intensified immigration enforcement. According to the Deportation Data Project, deportations following ICE arrest and detention increased about 4.6 times between the second half of 2024 and the first nine months of the second Trump administration, and ICE arrests more broadly have roughly quadrupled in that period. Multiple states, including New Mexico and Colorado, enacted legislation in 2025 specifically designed to restrict the sharing of immigration data with federal enforcement agencies. The exposure of 116,666 immigration records — including names, addresses, passport numbers, and case-related information — introduces a category of harm that standard credit monitoring services cannot address.

Several states have responded to this heightened sensitivity with protective legislation. New Mexico’s SB 36 (2025) restricts disclosure of sensitive personal information, including immigration-related data, by state agencies and employees unless a court order mandates it. Colorado’s SB 25-276 (2025) expands existing limits on collection and disclosure of immigration-status and personal identifying information from state agencies to local governments and certain healthcare facilities, and restricts disclosure to federal immigration authorities absent a court order or legal requirement. These legislative efforts reflect a growing recognition that immigration data requires heightened protection — a recognition that makes the DocketWise breach particularly alarming.

DocketWise is offering affected individuals 24 months of credit monitoring and identity restoration services through IDX, with a July 3, 2026 enrollment deadline, as stated in the consumer notice filed with the Maine Attorney General. But credit monitoring cannot protect someone from the consequences of having their immigration case details, asylum claims, or deportation defense strategies exposed to unauthorized parties.

The Class Action and Regulatory Landscape

Multiple law firms have launched class action investigations into the breach. Edelson Lechtzin LLP, Migliaccio & Rathod LLP, Cole & Van Note, Shamis & Gentile P.A., and Murphy Law Firm are among the firms evaluating claims on behalf of affected individuals. The legal theories likely to emerge will center on negligence, breach of implied contract, unjust enrichment, and violations of state data breach notification statutes — particularly given the seven-month gap between the initial compromise and consumer notification.

The multi-firm scope of the Maine filing — five named law firm clients, with affected individuals spanning the platform’s customer base — suggests the breach was not isolated to a single firm’s data but cut across a broad cross-section of DocketWise’s clients, implicating the platform’s shared infrastructure.

DataBreaches.net reported that a separate, apparently unrelated incident also affected an immigration law firm during this period — a misconfigured Amazon S3 bucket exposing files belonging to a New York City immigration practice. While there is no established connection between the two incidents, their temporal proximity underscores how consistently vulnerable immigration law data remains across the technology stack.

A Supply Chain Attack by Another Name

Cybersecurity professionals will recognize the DocketWise breach mechanism — valid credentials used to clone partner repositories — as a textbook supply chain compromise. The attacker did not need to exploit a zero-day vulnerability or deploy malware. They walked through the front door with stolen keys.

This pattern aligns with the dominant attack trend of 2025 and early 2026, where credential-based intrusions into cloud infrastructure and developer repositories have become the primary vector for large-scale data theft. Bastion’s 2026 supply chain security report estimates that 70% of organizations experienced supply chain incidents in the preceding year, with losses reaching an estimated $60 billion globally — figures that reflect a vendor study rather than official government statistics but signal the scale of the problem. The Shai-Hulud campaigns — a series of npm-package compromises in late 2025 that harvested developer credentials at scale — demonstrated how a single compromised account can cascade across interconnected platforms.

The DocketWise scenario fits this pattern precisely. A data migration pipeline — the kind of system that exists temporarily during platform transitions and often receives less security scrutiny than production environments — became the attack surface. The “unstructured data” sitting in those repositories was likely there because migration processes tend to move data in bulk, without the access controls and encryption that protect it in the production application. For cybersecurity teams advising legal technology vendors, this is a wake-up call: migration pipelines deserve the same security posture as production systems, and partner repository credentials require rotation policies, access monitoring, and anomaly detection.

The American Immigration Lawyers Association had not issued a public statement regarding the DocketWise breach as of April 8, 2026.

Vendor Risk after Docketwise

For information governance professionals, the DocketWise breach demands an immediate review of vendor risk management programs. Every firm that used DocketWise should begin with a comprehensive data inventory — identifying which client matters had data stored in or migrated through the platform and what categories of information were involved. That inventory drives every subsequent decision: which clients must be notified under ABA ethical obligations, which matters require privilege review, whether legal hold obligations have been triggered for potential claims against DocketWise or regulatory inquiries, and whether any documents previously produced in immigration proceedings need integrity verification.

The sequence matters. Notification to clients should follow — not precede — a reasonable assessment of what was actually exposed, because overinclusive notifications can create unnecessary panic while underinclusive notifications compound the ethical breach. Firms should also evaluate their existing vendor agreements with DocketWise for breach notification provisions, indemnification clauses, and data handling commitments that may support future claims.

For cybersecurity teams, the actionable takeaways center on credential management and pipeline security. Organizations should audit which third-party partners have credential access to any repositories that touch client data, implement mandatory credential rotation for migration and integration pipelines, and deploy monitoring for bulk repository cloning — an activity that should trigger immediate alerts in any environment handling sensitive legal data.

The DocketWise incident strips away a comfortable assumption that has persisted in legal technology adoption: that vetting a vendor at the point of purchase satisfies the ethical duty of technological competence. It does not. The duty is continuous, the risks are compounding, and when the data involved belongs to some of society’s most vulnerable individuals, the stakes of getting it wrong extend far beyond regulatory fines and class action settlements.

What should the legal technology industry’s standard of care look like for vendors that handle immigration data — and who should define it?

News Sources

DocketWise Data Breach Affects 116K, Lawsuit Possible (ClassAction.org)
Two Data Security Incidents Affected Immigration Law Firms and Their Clients (DataBreaches.net)
Data Breach Alert: Edelson Lechtzin LLP Investigates DocketWise Data Breach (PR Newswire)
DocketWise Data Breach Investigation (Migliaccio & Rathod LLP)
DocketWise Data Breach Affects 116k People, Exposing SSNs (ClaimDepot)
Immigration Software Firm Hit With Data Breach Impacting 116,666 People (The Daily Hodl)
DocketWise Data Breach Investigation (Cole & Van Note)
Protecting Immigrant Communities: How States Can Lead in 2026 (American Immigration Council)
AffiniPay Rebrands As 8am (LawNext)
2026 Supply Chain Security Report (Bastion)

Assisted by GAI and LLM Technologies

Additional Reading

Source: ComplexDiscovery OÜ

ComplexDiscovery’s mission is to enable clarity for complex decisions by providing independent, data‑driven reporting, research, and commentary that make digital risk, legal technology, and regulatory change more legible for practitioners, policymakers, and business leaders.

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is an independent digital publication and research organization based in Tallinn, Estonia. ComplexDiscovery covers cybersecurity, data privacy, regulatory compliance, and eDiscovery, with reporting that connects legal and business technology developments—including high-growth startup trends—to international business, policy, and global security dynamics. Focusing on technology and risk issues shaped by cross-border regulation and geopolitical complexity, ComplexDiscovery delivers editorial coverage, original analysis, and curated briefings for a global audience of legal, compliance, security, and technology professionals. Learn more at ComplexDiscovery.com.

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Gemini, Grammarly, Midjourney, and Perplexity, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

Pricing

Editor's Note: Generative AI is no longer a future-state concept in eDiscovery pricing; it is already reshaping how legal, technology, and corporate teams evaluate cost, value, and defensibility. In this Winter 2026 Pricing Pulse analysis, ComplexDiscovery OÜ, in partnership with EDRM, examines a market that is simultaneously stabilizing in traditional service categories and fragmenting in newer AI-driven ones. The findings highlight a clear divide between established pricing norms for forensic collection, processing, hosting, and document review, and the still-developing commercial models emerging around GenAI-assisted review. For cybersecurity, data privacy, regulatory compliance, and eDiscovery professionals, that divide matters. Pricing transparency now directly affects budgeting, vendor selection, matter planning, and risk management—especially as organizations weigh the promise of AI efficiency against unresolved questions around exception handling, quality control, and contract structure. This analysis offers a timely benchmark for understanding where the market stands today and where pricing pressure is likely to intensify next.

[exclude_from_rss]

[taq_review]

[/exclude_from_rss] Industry Research

A Complete Analysis of the Winter 2026 eDiscovery Pricing Survey

ComplexDiscovery Staff

Executive Summary

The Winter 2026 eDiscovery Pricing Survey, conducted by ComplexDiscovery OÜ in partnership with the Electronic Discovery Reference Model (EDRM) across December 2025 through February 2026, captures a market at a pivotal inflection point. Generative AI (GenAI) has moved into operational workflows for a significant and growing segment of the eDiscovery market — but adoption is uneven, pricing frameworks have not kept pace, and a meaningful share of practitioners have not yet engaged with AI-assisted review at any level. That bifurcation between early adopters and the rest of the market is itself one of the survey's defining findings. Drawing on 53 responses from legal professionals, technology providers, corporations, and consultancies, this survey provides a detailed pricing snapshot of the current eDiscovery market, spanning forensic collection, data processing and hosting, document review, and GenAI-assisted review. Several clear signals emerge from the data. Forensic collection and examination rates have stabilized in the $250–$350 per hour range for standard work, with premium rates for testimony and analysis. Data hosting has commoditized meaningfully at the infrastructure level, while analytics-enabled hosting retains pricing differentiation. Document review rates are stable but per-document billing remains opaque. Most critically, GenAI-assisted review pricing is experimentally diverse — hybrid models and per-document billing each claim roughly 28% of reported primary models, with the $0.11–$0.50 per-document range emerging as a competitive zone that directly challenges traditional human review economics. This report covers all 25 survey questions, organized into four thematic sections, with analyst observations and strategic implications throughout. All findings represent self-reported practitioner perceptions of prevailing market pricing — not verified transaction records — and should be read as directional market intelligence. Unlike vendor-produced or client-commissioned pricing guides, the Pricing Pulse is designed and published independently by ComplexDiscovery OÜ in partnership with the Electronic Discovery Reference Model (EDRM), with no commercial interest in any specific pricing outcome.

About the Survey

Survey Design and Purpose The Winter 2026 eDiscovery Pricing Survey was designed and administered by ComplexDiscovery OÜ in partnership with the Electronic Discovery Reference Model (EDRM) as part of its ongoing Pricing Pulse research program. The survey's primary purpose is to provide eDiscovery practitioners, technology providers, and legal operations professionals with empirically grounded pricing benchmarks across the key service categories that define the eDiscovery market. The Pricing Pulse is practitioner-reported and independently produced — it is not sponsored by, or designed to favor, any vendor, platform, or service category. Respondent comments critiquing the survey design itself are actively incorporated into future iterations, as reflected in this report's processing methodology note. This iteration of the survey placed particular emphasis on generative AI-assisted review pricing — a category first addressed formally in prior survey cycles and highlighted significantly in Winter 2026 to reflect the technology's accelerating, if uneven, integration into eDiscovery workflows. The five GenAI pricing questions (Questions 18–22) were designed to capture not just price points but pricing model structures, exception handling practices, and the nascent development of outcome-based pricing — recognizing that practitioners at very different stages of AI adoption would be responding. Respondent Profile The survey received 53 completed responses. By business segment, law firms represented the largest cohort at 43.4% (23 respondents), followed by software and/or services providers at 24.5% (13), corporations at 15.1% (8), consultancies at 9.4% (5), and media, research, or educational organizations at 7.5% (4). By primary function, 67.9% (36) identified as legal/litigation support professionals, 26.4% (14) as business or business support functions, and 5.7% (3) as IT or product development.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Survey-Respondents-by-Organizational-Segment-Winter-2026.pdf" title="Survey Respondents by Organizational Segment - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Survey-Respondents-by-Primary-Function-Winter-2026.pdf" title="Survey Respondents by Primary Function - Winter 2026"]

Geographically, the survey is overwhelmingly U.S.-centric: 92.5% of respondents (49) indicated North America – United States as their primary eDiscovery business geography, with the remaining 7.5% distributed across Europe (United Kingdom and non-UK) and Asia/Asia Pacific. This composition reflects the survey's community of practitioners and should be taken into account when applying results to non-U.S. markets.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Survey-Respondents-by-Geographic-Region-Winter-2026.pdf" title="Survey Respondents by Geographic Region - Winter 2026"]

The respondent pool's composition — heavily weighted toward legal practitioners with meaningful technology provider and in-house corporate representation — lends credibility to the pricing data for legal use cases while also surfacing supply-side perspectives from vendors who see pricing across many client engagements.

Section 1: Forensic Collection, Examination, and Testimony Pricing

Forensic collection and digital examination form the evidentiary foundation of eDiscovery. Unlike commoditized downstream services, forensic work depends on specialized expertise, defensible chain-of-custody protocols, and increasingly complex device environments. Mobile devices, cloud-linked data ecosystems, encrypted storage, and enterprise application footprints have expanded the examiner's scope considerably over the past several years, sustaining rate levels that resist the downward pressure more commoditized services face. Expert witness testimony sits at the highest value tier of forensic work — where practitioner credentials, courtroom experience, and legal exposure command significant premium pricing. Q1 & Q2 — Per Hour Cost for Onsite and Remote Collection The $250–$350 per hour range is the clear market anchor for forensic collection, cited by 56.6% of respondents for both onsite and remote collection. However, the distributions diverge meaningfully at the premium tier: 20.8% of respondents report onsite collection rates exceeding $350 per hour, compared to just 5.7% for remote. Conversely, remote collection skews lower — 18.9% report sub-$250 rates for remote work, versus only 5.7% for onsite. This onsite premium reflects real cost structures: travel, physical access logistics, on-premises security requirements, and the coordination burden of collecting in active enterprise environments. The growth of remote forensic collection tools — driven in part by pandemic-era necessity and now institutionalized in many engagements — has introduced competitive downward pressure on remote rates that onsite services do not face to the same degree. Four respondents (7.5%) indicate alternative pricing models for remote collection, suggesting some providers are moving toward flat-fee or subscription-based remote collection arrangements.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Hour-Cost-for-an-Onsite-Collection-by-a-Forensic-Examiner-Winter-2026-.pdf" title="Collection Pricing - Per Hour Cost for an Onsite Collection by a Forensic Examiner - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Hour-Cost-for-a-Remote-Collection-by-a-Forensic-Examiner-Winter-2026.pdf" title="Collection Pricing - Per Hour Cost for a Remote Collection by a Forensic Examiner - Winter 2026"]

Q3 & Q4 — Per Device Cost for Desktop/Laptop and Mobile Device Collection Device-based pricing skews decisively to the upper tier: 50.9% of respondents report per-device costs exceeding $350 for desktop and laptop collections, and 49.1% report the same for mobile devices. The $250–$350 mid-range captures 18.9% for computers and 24.5% for mobile devices — the higher mobile representation in the mid-range may reflect lower-complexity or volume-based mobile collection engagements where physical access is easier and device configurations are more standardized. Perhaps most notable is the convergence of mobile and computer collection pricing at the upper tier. Mobile device collection — once considered simpler than computer collection due to smaller storage capacities — now commands comparable rates as encryption, cloud sync architectures, third-party application data, and ephemeral messaging platforms have substantially increased examiner effort and risk. Practitioners seeking to budget mobile collection as a lower-cost alternative to computer collection will increasingly find the market does not support that assumption.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Device-Cost-for-a-Desktop-Laptop-Computer-Collection-by-a-Forensic-Examiner-Winter-2026.pdf" title="Collection Pricing - Per Device Cost for a Desktop Laptop Computer Collection by a Forensic Examiner - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Device-Cost-for-a-Mobile-Device-Collection-by-a-Forensic-Examiner-Winter-2026.pdf" title="Collection Pricing - Per Device Cost for a Mobile Device Collection by a Forensic Examiner - Winter 2026"]

Q5 — Per Hour Cost for Investigation, Analysis, and Report Generation Investigation, analysis, and report generation command a higher hourly rate floor than collection itself. More than half of respondents (54.7%) report rates in the $350–$550 range for this work, compared to the $250–$350 majority for collection. Only 30.2% report rates below $350 per hour for analysis, and 5.7% exceed $550. This premium reflects the cognitive and legal weight of analytical work. Forensic examiners producing reports that will be used in litigation, regulatory proceedings, or internal investigations are exercising expert judgment that creates professional liability — and the market prices that exposure accordingly. Practitioners purchasing forensic services should anticipate that billing rates will escalate from collection through analysis, often within the same engagement.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Hour-Cost-for-Investigation-Analysis-and-Report-Generation-by-an-FE-Winter-2026.pdf" title="Collection Pricing - Per Hour Cost for Investigation Analysis and Report Generation by an FE - Winter 2026"]

Q6 — Per Hour Cost for Expert Witness Testimony Expert witness testimony carries the highest rate profile in the forensic pricing group. While 47.2% report testimony rates in the $350–$550 range — consistent with analysis rates — a notable 26.4% report rates exceeding $550 per hour, the highest proportion in any >$550 category across the survey. The elevated 'do not know' response rate (20.8%) likely reflects that many practitioners engage forensic examiners for collection and analysis but not testimony, creating a meaningful gap in their pricing awareness for this segment. Expert witness rates are driven by factors beyond standard hourly billing — including the examiner's track record, publication history, geographic availability, and the complexity of the matter at issue. The wide distribution, from below $350 to above $550, reflects a market where individual credentials create significant pricing dispersion.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Collection-Pricing-Per-Hour-Cost-for-Expert-Witness-Testimony-In-Person-and-Written-by-an-FE-Winter-2026.pdf" title="Collection Pricing - Per Hour Cost for Expert Witness Testimony (In-Person and Written) by an FE - Winter 2026"]

Analyst Observation — Forensic Collection & Examination The forensic pricing landscape shows a well-established rate structure for collection and a predictable escalation through analysis to testimony. The $250–$350 range for collection hours serves as a reliable negotiation baseline. The key risk for buyers is underbudgeting for analysis and testimony phases — where rates routinely exceed $350/hour and frequently surpass $550. Practitioners with active litigation portfolios should establish explicit rate schedules with forensic vendors for all service tiers at engagement outset, not just collection. Key Takeaways — Section 1

$250–$350/hour is the market anchor for both onsite and remote forensic collection (56.6% each).
Onsite collection carries a measurable premium: 20.8% report >$350/hour vs. 5.7% for remote.
Mobile device collection rates have converged with computer collection at the upper tier (both ~50% report >$350/device).
Investigation, analysis, and report generation rates escalate to $350–$550/hour for 54.7% of respondents.
Expert witness testimony exceeds $550/hour for 26.4% — the highest proportion across all survey categories.

Section 2: Data Processing, Hosting, and Project Management Pricing

Data processing and hosting represent the operational infrastructure of eDiscovery delivery. Processing — transforming raw electronically stored information (ESI) into a reviewable format — has historically been a significant cost driver in large matters. Hosting provides the platform on which review takes place. Both categories have experienced significant commoditization pressure from cloud infrastructure economics, but the emergence of AI-driven early culling and processing tools is beginning to reshape volume dynamics in ways that affect both pricing and billing model design. Q7 & Q8 — Per GB Cost to Process ESI at Ingestion and at Completion Processing pricing at ingestion is relatively compressed: 39.6% of respondents report rates in the $25–$75 per GB range, and 34.0% report rates below $25 per GB. A significant 18.9% indicate alternative pricing models, reflecting the market's movement away from traditional per-GB ingestion billing. Processing pricing at completion of processing tells a different story. The most commonly reported range shifts to 'less than $100 per GB' (37.7%), and the proportion reporting alternative pricing models rises to 22.6%. Another 15.1% report $100–$150 per GB at completion, and 9.4% exceed $150 per GB. The jump from ingestion to completion reflects the data expansion and enrichment that occurs through native processing, deduplication, OCR, and promotion — processes that substantially increase the per-GB cost basis for providers. One respondent offered a methodologically important observation worth acknowledging directly: the survey's two-question processing model may conflate two distinct industry billing philosophies — an 'all-in' per-GB rate that covers ingestion through promotion, versus a staged model with separate per-GB charges for ingestion and native processing or promotion to review. This is a legitimate distinction, and practitioners benchmarking against these results should clarify which model their vendor employs. Future survey iterations will address this more precisely.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-Per-GB-Cost-to-Process-ESI-Based-on-Volume-at-Ingestion-Winter-2026.pdf" title="Processing Pricing - Per GB Cost to Process ESI Based on Volume at Ingestion - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-Per-GB-Cost-to-Process-ESI-Based-on-Volume-at-Completion-Winter-2026.pdf" title="Processing Pricing - Per GB Cost to Process ESI Based on Volume at Completion - Winter 2026"]

Q9 & Q10 — Per GB Per Month Cost to Host ESI Without and With Analytics Data hosting without analytics has substantially commoditized. More than half of respondents (54.7%) report hosting rates below $10 per GB per month, and another 30.2% fall in the $10–$20 range. Less than 2% report rates exceeding $20 per GB per month. This distribution reflects years of cloud infrastructure cost reduction passed through to buyers, as major platform providers compete on storage economics. Analytics-enabled hosting shows a wider and higher distribution. While 43.4% report rates below $15 per GB per month with analytics, 32.1% fall in the $15–$25 range, and 11.3% exceed $25 per GB per month. The premium for analytics-capable hosting reflects platform differentiation: vendors with mature AI search, conceptual clustering, visualization tools, and review workflow automation can sustain higher rates. Undifferentiated platforms — those competing primarily on storage price — face continued downward pressure as infrastructure costs decline. One respondent's comment corroborates this trajectory directly, observing that while overall eDiscovery pricing has been stable, technology costs specifically appear to be coming down — a signal consistent with the commoditization pattern visible in the hosting data.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-Per-GB-Cost-Per-Month-to-Host-ESI-without-Analytics-Winter-2026.pdf" title="Processing Pricing - Per GB Cost Per Month to Host ESI without Analytics - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-Per-GB-Cost-Per-Month-to-Host-ESI-with-Analytics-Winter-2026.pdf" title="Processing Pricing - Per GB Cost Per Month to Host ESI with Analytics - Winter 2026"]

Q11 — User License Fee Per Month for Access to Hosted Data User licensing is in an active state of structural transition. The $50–$100 per user per month range is the most frequently cited (41.5%), but a striking 34.0% of respondents report alternative pricing models — the highest alternative-model proportion among any category in the processing and hosting section. Only 17.0% report rates below $50 per user per month. The high alternative-model rate reflects a market shift away from traditional per-seat licensing toward enterprise agreements, volume tiers, and managed service arrangements that bundle access costs into broader contract structures. For corporate legal departments and law firms managing multi-matter eDiscovery portfolios, these bundled arrangements restructure cost visibility: per-matter spend attribution becomes less granular, which may simplify budgeting at the portfolio level but reduces transparency at the individual matter level. Whether bundled arrangements represent a net financial advantage depends on volume, negotiated terms, and how closely actual usage tracks the contracted scope — variables the survey does not measure.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-User-License-Fee-Per-Month-for-Access-to-Hosted-Data-Winter-2026.pdf" title="Processing Pricing - User License Fee Per Month for Access to Hosted Data - Winter 2026"]

Q12 — Per Hour Cost of Project Management Support for eDiscovery Project management pricing is the most consistent and well-understood category in the processing and hosting group. More than half of respondents (52.8%) report rates in the $100–$200 per hour range, and 26.4% report rates exceeding $200 per hour. The low 'do not know' rate (5.7%) — tied with Q9 for the lowest across all Section 2 questions — indicates that PM pricing is well understood by practitioners and regularly visible in vendor proposals. The 26.4% reporting greater than $200 per hour for project management likely reflects the growing complexity of modern eDiscovery engagements. Today's project managers must coordinate across AI review platforms, multiple review vendor relationships, technical review workflows, and real-time quality control functions — a scope considerably broader than the data management and platform coordination role the title suggested in prior market iterations.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Processing-Pricing-Per-Hour-Cost-of-Project-Management-Support-for-eDiscovery-Winter-2026.pdf" title="Processing Pricing - Per Hour Cost of Project Management Support for eDiscovery - Winter 2026"]

Analyst Observation — Processing, Hosting & Project Management Processing pricing is bifurcating: per-GB billing at ingestion remains common, but completion-phase and analytics-related pricing is shifting toward bundled and alternative models. Practitioners anchored to traditional per-GB benchmarks for TAR, analytics hosting, or managed service arrangements may be negotiating based on outdated frameworks. Hosting has genuinely commoditized at the infrastructure level — the pricing action now lives in analytics differentiation layered above the storage tier. Key Takeaways — Section 2

Processing at ingestion is largely below $75/GB (73.6% combined), but completion-phase pricing climbs with 24.5% reporting $100/GB or more.
Alternative pricing models account for 18.9% at ingestion and 22.6% at completion — signaling a structural shift away from per-GB processing billing.
Basic hosting has commoditized: 54.7% report sub-$10/GB/month. Analytics hosting retains differentiation with 11.3% exceeding $25/GB/month.
User licensing is migrating from per-seat to bundled models — 34.0% report alternative pricing structures.
Project management rates are well understood and rising: 26.4% now exceed $200/hour, reflecting growing engagement complexity.

Section 3: Document Review Pricing

Document review sits at the commercial center of most eDiscovery engagements. It is the largest cost driver in complex litigation, the primary arena in which human expertise meets technology leverage, and the category most directly disrupted by the emergence of GenAI-assisted review. Pricing in this section spans both hourly attorney rates (the traditional billing model) and per-document rates (a model that has gained traction as technology-assisted review has enabled higher throughput). The data in this section provides critical context for interpreting the GenAI pricing data that follows in Section 4. Q13 — Per GB Cost for Predictive Coding / Technology-Assisted Review Predictive coding and technology-assisted review (TAR) pricing has largely migrated away from per-GB billing. The highest single response category (35.8%) is 'alternative pricing model' — the highest alternative-model proportion of any per-GB question in the survey. Among those who do provide per-GB TAR pricing, 30.2% report rates below $75 per GB, 13.2% report $75–$150 per GB, and only 1.9% exceed $150 per GB. The 18.9% 'do not know' rate for TAR pricing suggests that many practitioners receive predictive coding as an embedded capability within their review platform subscription rather than a separately line-itemed service. This bundling trend, combined with the high alternative-model rate, indicates that standalone per-GB TAR billing is becoming the exception rather than the rule as platforms integrate AI-driven prioritization into standard hosting fees.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-GB-Cost-for-Predictive-Coding-in-a-Technology-Assisted-Review-Winter-2026.pdf" title="Review Pricing - Per GB Cost for Predictive Coding in a Technology-Assisted Review - Winter 2026"]

Q14 & Q15 — Per Hour Cost for Onsite and Remote Managed Review Attorneys Hourly managed review attorney rates are well understood and show a consistent onsite premium over remote delivery. For onsite review, 45.3% of respondents report rates exceeding $40 per hour, and 32.1% report $25–$40 per hour. For remote review, the distribution shifts: 41.5% report $25–$40 per hour, and 35.8% report greater than $40 per hour. The onsite premium reflects overhead recovery for physical review facilities, security infrastructure, and on-site supervision costs. Despite the normalization of remote review following the pandemic era, onsite review commands a persistent rate premium that clients with physical review requirements should anticipate. The relatively high 'do not know' rates for both onsite (18.9%) and remote (17.0%) suggest that many practitioners engage review vendors without direct visibility into the underlying attorney billing rates — a transparency gap that can make accurate matter budgeting difficult.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Hour-Cost-for-Document-Review-Attorneys-to-Review-Documents-Onsite-Winter-2026.pdf" title="Review Pricing - Per Hour Cost for Document Review Attorneys to Review Documents Onsite - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Hour-Cost-for-Document-Review-Attorneys-to-Review-Documents-Remote-Winter-2026.pdf" title="Review Pricing - Per Hour Cost for Document Review Attorneys to Review Documents Remote - Winter 2026"]

Q16 & Q17 — Cost Per Document for Onsite and Remote Managed Review Per-document billing for human document review carries significant uncertainty across the respondent pool. For onsite per-document review, 34.0% of respondents indicate they do not know the cost — the highest 'do not know' rate among all document review questions. For remote per-document review, 30.2% report not knowing. Among those with visibility, the $0.50–$1.00 per document range dominates for both onsite (30.2%) and remote (28.3%) delivery, with onsite showing a higher proportion of rates exceeding $1.00 per document (22.6% vs. 18.9% remote). Remote per-document review trends lower at the bottom of the range: 13.2% report sub-$0.50 rates for remote work versus only 3.8% for onsite. This directional difference is consistent with lower overhead costs in remote delivery environments. In this analyst's view, where the $0.50–$1.00 per-document rate for human review meets GenAI-assisted pricing in the $0.11–$0.50 range, the economic case for AI-assisted review becomes direct — provided quality and defensibility standards are met. The per-document rate distribution for human review is strategically important as a baseline against which GenAI-assisted review pricing should be evaluated. Where human review rates run $0.50–$1.00 per document and GenAI-assisted alternatives are priced in the $0.11–$0.50 range, the cost differential is substantial enough to drive adoption decisions — though the economic case ultimately depends on matter-specific quality thresholds and the degree to which AI exception handling costs are controlled.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Document-Cost-for-Document-Review-Attorneys-to-Review-Documents-Onsite-Winter-2026.pdf" title="Review Pricing - Per Document Cost for Document Review Attorneys to Review Documents Onsite - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Document-Cost-for-Document-Review-Attorneys-to-Review-Documents-Remote-Winter-2026.pdf" title="Review Pricing - Per Document Cost for Document Review Attorneys to Review Documents Remote - Winter 2026"]

Analyst Observation — Document Review Traditional document review rates have held relatively stable, but the market's increasing inability to articulate per-document pricing — particularly for onsite review — signals a structural shift away from document-count-based billing toward time-based models that are less directly comparable to AI-assisted pricing. Practitioners should push for per-document rate transparency in vendor proposals to enable genuine cost modeling against AI alternatives. Key Takeaways — Section 3

TAR/predictive coding billing is migrating away from per-GB models: 35.8% report alternative pricing, 18.9% don't know — bundled platform pricing is absorbing this cost.
Onsite managed review attorney rates exceed $40/hour for 45.3% of respondents vs. 35.8% for remote — the onsite premium persists.
Per-document review rates cluster in the $0.50–$1.00 range for both onsite and remote, with significant 'do not know' responses (34% onsite, 30.2% remote) indicating a transparency gap.
The $0.50–$1.00 per-document human review baseline sets up direct economic competition with emerging GenAI-assisted review pricing.

Section 4: GenAI-Assisted Review Pricing

The Winter 2026 survey's GenAI section was designed to illuminate where pricing clarity exists, where models are still fluid, and where the industry is beginning to form conventions around AI-assisted document review. What the results reveal is not a uniformly mature market but a bifurcated one: a segment of practitioners actively deploying and pricing GenAI review, and a substantial minority — 17.0% reporting it as not applicable or unknown — who have not yet engaged with it at a pricing level. Both cohorts are represented in the data, and the analysis in this section is relevant to each in different ways. This is not surprising. GenAI-assisted review introduces fundamentally different cost economics than traditional review: provider costs are driven by token consumption, GPU infrastructure, and model licensing — not attorney hours. Translating those costs into buyer-facing pricing structures that are transparent, predictable, and defensible has proven more difficult than the technology adoption itself. Q18 — Primary Model for GenAI-Assisted Review The two leading GenAI pricing models are effectively tied: hybrid pricing (combinations of multiple models) and per-document billing each account for 28.3% of primary model responses (15 respondents each). Per-GB billing captures 11.3%, per-token billing 5.7%, flat monthly subscription 5.7%, and outcome-based pricing 3.8%. Notably, 17.0% report that GenAI-assisted review pricing is not applicable or unknown to them — suggesting a meaningful share of the practitioner community has not yet engaged with AI review at a pricing level. The dominance of hybrid models reflects the reality that many providers are constructing bespoke proposals that combine per-document minimums, per-GB infrastructure charges, and platform subscription components. This complexity makes apples-to-apples comparison difficult for buyers — and may be intentional. Per-document pricing's co-equal standing with hybrid models suggests that a document-level unit of value is widely accepted as a conceptual billing anchor, even when the final structure is more complex. One respondent's comment illustrates the breadth of emerging structures not fully captured by the five survey model options: some providers are pricing GenAI review as an hourly professional service — with consultants performing query engineering, model interaction, and attorney collaboration — billed at standard hourly rates with per-matter minimums and not-to-exceed caps. This hourly professional service model sits outside the per-document or per-GB frameworks the market most commonly discusses, and its presence signals that GenAI pricing model diversity is wider than any single survey's categories can fully contain. Per-token pricing — the underlying cost reality for large language model deployments — has not been widely passed through to buyers (5.7%). This indicates that providers are currently absorbing token cost variability and presenting buyers with higher-order pricing units. As token costs evolve with model efficiency improvements, the degree to which providers pass these economics through will be an important market dynamic to watch.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/03/Review-Pricing-Primary-Model-for-Gen-AI-Assisted-Review-in-eDiscovery-Winter-2026.pdf" title="Review Pricing - Primary Model for Gen AI-Assisted Review in eDiscovery - Winter 2026"]

Q19 — Average Cost Per Document for GenAI-Assisted Review (Per-Document Model) Among all survey respondents, the $0.26–$0.50 per-document tier is the most frequently cited GenAI price point (20.8%), followed by both the $0.11–$0.25 and $0.05–$0.10 ranges (15.1% each). Seven and a half percent report per-document GenAI rates exceeding $0.50, and 5.7% report rates below $0.05. A significant 35.8% indicate this pricing model is not applicable to them or that they do not know the cost. The broad distribution among those with pricing visibility — from under a nickel to over fifty cents per document — reflects the wide variance in task complexity, model selection, and quality control overhead that different GenAI review implementations involve. The $0.11–$0.50 range represents the most commercially active zone. At the lower end, GenAI review offers compelling cost efficiency relative to the $0.50–$1.00 range for human per-document review. At the upper end of GenAI pricing (>$0.50), the value proposition requires stronger justification — particularly around accuracy, speed, or reduced downstream review burden. Practitioners should push vendors for specificity on what the per-document fee includes: model inference costs alone, or QC, exception handling, and reporting as well.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/03/Review-Pricing-Average-Cost-Per-Document-in-Per-Document-Model-of-Gen-AI-Assisted-Review-Winter-2026.pdf" title="Review Pricing - Average Cost Per Document in Per Document Model of Gen AI-Assisted Review - Winter 2026"]

Q20 — Average Cost Range for GenAI-Assisted Review (Per-GB Model) Per-GB GenAI pricing is less prevalent in practice — 64.2% of respondents indicate this model is not applicable or unknown. Among those who do report per-GB GenAI pricing, the $25–$50 per GB range is most common (17.0%), followed by below $25 per GB (13.2%). Two respondents (3.8%) report rates exceeding $100 per GB for GenAI review — likely representing specialized, computationally intensive analytical workflows rather than standard review acceleration. Given that data processing at ingestion typically falls below $75 per GB, a per-GB GenAI review charge layered on top represents a meaningful incremental cost. Practitioners evaluating per-GB GenAI pricing should model total matter economics carefully, including whether early data culling through AI reduces the volume that reaches review — potentially offsetting the per-GB GenAI charge with reduced processing and hosting costs downstream.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/03/Review-Pricing-Average-Cost-Range-Per-GB-in-Per-GB-Model-of-Gen-AI-Assisted-Review-Winter-2026.pdf" title="Review Pricing - Average Cost Range Per GB in Per GB Model of Gen AI-Assisted Review - Winter 2026"]

Q21 — Outcome-Based Pricing Structure for GenAI-Assisted Review Outcome-based pricing for GenAI review remains largely theoretical in the current market: 79.2% of respondents report no applicable experience with it. Among the minority with exposure, custom agreements dominate (9.4%), with small numbers reporting tiered pricing based on review speed improvements (3.8%), fixed fees based on achieved accuracy rates (3.8%), a combination of performance metrics (1.9%), and percentage of cost savings compared to traditional review (1.9%). The theoretical appeal of outcome-based pricing is clear — it aligns provider incentives with client results and distributes AI benefit-sharing in a transparent way. The operational mechanisms, however, remain underdeveloped. Defining accuracy baselines, attributing speed gains to AI versus staffing decisions, and calculating savings against hypothetical traditional review costs are all methodologically complex. The custom-agreement dominance (9.4%) reflects that outcome-based structures, where they exist, are negotiated on a bespoke basis without market-standardized frameworks. In this analyst's view, this is an area where the industry is likely to see active experimentation and standardization attempts in coming survey cycles — though the timeline will depend on how quickly buyers begin demanding performance accountability in AI review contracts.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/03/Review-Pricing-Typical-Structure-of-Outcome-Based-Pricing-Models-in-Gen-AI-Assisted-Review-Winter-2026.pdf" title="Review Pricing - Typical Structure of Outcome-Based Pricing Models in Gen AI-Assisted Review - Winter 2026"]

Q22 — How Pricing Models Handle Failed or Exception Documents in GenAI Review Exception document handling — documents that fail AI processing or require human intervention — is a practical and financially significant issue that is significantly underappreciated in headline GenAI pricing discussions. Nearly 40% of respondents (39.6%) cannot speak to how their contracts address this scenario. Among those with visibility, no single approach dominates: 18.9% report that exception documents route to manual review at standard rates; 17.0% say handling depends on the specific issue encountered; 9.4% each report that exceptions are charged as additional processing time or included in the base price (no additional charge); and 5.7% report per-document exception billing. The variability of exception handling approaches — and the high proportion of respondents with no visibility — represents a meaningful contract risk for buyers. In matters where a significant share of documents require human intervention, the effective cost of a GenAI-assisted review engagement can increase substantially depending on which exception pricing structure applies. Buyers negotiating GenAI review engagements should require explicit exception handling clauses that specify the triggering conditions, billing treatment, and quality control obligations for documents that exit the AI workflow.

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/03/Review-Pricing-Accounting-for-Docs-That-Fail-To-Process-or-Require-Special-Handing-Gen-AI-Winter-2026.pdf" title="Review Pricing - Accounting for Docs That Fail To Process or Require Special Handing (Gen AI) - Winter 2026"]

Analyst Observation — GenAI-Assisted Review The GenAI pricing market is operationally engaged but structurally immature. The concentration in hybrid and per-document models reflects practitioners and providers reaching for familiar pricing analogues while the technology matures. The $0.11–$0.50 per-document zone is emerging as a competitive market range — one that creates genuine economic pressure on traditional human review for appropriate document populations. The most important near-term challenge for the market is not the headline per-document or per-GB rate, but the hidden cost variables: exception document handling, quality control overhead, model retraining requirements, and the total cost of ownership of integrating GenAI review into existing workflows. One survey respondent offered a perspective worth placing on record: many vendors are still determining their AI pricing strategies, rushing to market to capture first-mover advantage or market share — and that token-based pricing pressures may cause AI solution costs to increase materially in the future, absent significant reductions in GPU infrastructure costs. This caution deserves attention as buyers evaluate multi-year GenAI review commitments. Key Takeaways — Section 4

Hybrid and per-document models are the dominant GenAI pricing structures, each at 28.3% — the market has converged on document-level units but not uniform delivery structures.
The $0.11–$0.50 per-document range is the emerging competitive zone for GenAI-assisted review, with direct economic implications for traditional human review.
Per-token pricing has not been widely passed to buyers (5.7%) — providers are absorbing LLM cost variability for now.
Outcome-based GenAI pricing is theoretically compelling but operationally undeveloped; 79.2% of respondents have no applicable experience.
Exception document handling is an underappreciated contract risk: 39.6% don't know how their agreements address it, and no standard approach has emerged.

Conclusion and Strategic Implications

The Winter 2026 eDiscovery Pricing Survey paints a picture of a market undergoing layered transitions simultaneously: forensic services have found stable pricing floors; processing and hosting have bifurcated between commoditized infrastructure and differentiated analytics tiers; document review is experiencing pricing model fragmentation as AI alternatives create new economic reference points; and GenAI-assisted review is operationally deployed but commercially immature in its pricing structures. For eDiscovery Buyers and Legal Operations Professionals The $250–$350 per hour range for forensic collection provides a reliable negotiation baseline, but buyers should build explicit rate schedules covering analysis and testimony phases — where rates routinely exceed $350 and frequently surpass $550 per hour. Processing and hosting negotiations should move beyond per-GB benchmarks for analytics-enabled and TAR-related services, where bundled models increasingly dominate. For document review, the critical action item is requiring per-document rate transparency even when hourly billing is the primary model — enabling genuine cost modeling against AI review alternatives. Corporate legal operations professionals face a distinct version of these challenges. Unlike law firms that pass eDiscovery costs to clients, in-house legal departments absorb them entirely — making pricing transparency a budget integrity issue, not just a negotiation tactic. The hosting commoditization finding (54.7% below $10/GB/month for basic hosting) and the user licensing transition (34.0% of respondents on alternative models) both represent leverage points in enterprise vendor negotiations that legal operations teams can use directly. The project management escalation finding (26.4% above $200/hour) warrants particular attention for in-house teams managing multi-matter portfolios: as PM rates rise with engagement complexity, the cost of inadequate internal scoping and vendor coordination compounds. Corporate legal operations teams are well-positioned to offset this by investing in internal eDiscovery program management capability rather than outsourcing all coordination to vendor project managers at premium rates. For GenAI-assisted review engagements, two contractual priorities stand out: first, obtain explicit pricing for exception documents rather than accepting provider discretion; second, require specificity on what is included in per-document or per-GB GenAI rates to enable accurate total-cost modeling. The $0.11–$0.50 per-document range is commercially viable for appropriate document populations, but hidden costs can erode that advantage quickly if not addressed in the agreement. For eDiscovery Service Providers and Technology Vendors The survey data confirms that buyers are engaging with GenAI pricing at a level of sophistication that requires providers to move beyond introductory pricing structures. The dominance of hybrid models reflects buyer uncertainty as much as provider flexibility — and that uncertainty is not sustainable as GenAI review becomes a standard engagement component rather than a premium add-on. Providers who develop clear, reproducible pricing structures with transparent exception handling will differentiate themselves in a market where 39.6% of buyers currently report no visibility into this critical cost variable. The trajectory of outcome-based pricing deserves attention. While only a small minority of respondents currently have exposure to these models, the direction of the market — toward accountability for AI review quality, not just delivery — suggests that providers who invest in outcome measurement frameworks now will be better positioned as client sophistication increases.

Looking Ahead: Open Questions for the Evolving eDiscovery Pricing Landscape

Several questions worth watching in future survey cycles: Will per-token pricing migrate from provider cost basis to buyer-facing billing as LLM economics become more visible? Will outcome-based pricing develop standardized frameworks, or remain bespoke indefinitely? Will the onsite/remote premium for forensic collection and attorney review compress as remote delivery tools mature further? And will the exception document handling gap in GenAI contracts become a litigation issue that forces market standardization? The Pricing Pulse series will continue to track these dynamics. The Winter 2026 results establish a pricing baseline at a pivotal moment — one that future surveys will be measured against as generative AI transforms both the economics and the practice of eDiscovery.

Research Methodology Note

The Winter 2026 eDiscovery Pricing Survey was designed and administered by ComplexDiscovery OÜ in partnership with the Electronic Discovery Reference Model (EDRM) as part of the Pricing Pulse research series. The survey was conducted via an online form distributed through ComplexDiscovery's professional community and partner networks. The survey period ran from December 2025 through February 2026, with the data collection window closing upon reaching the final respondent cohort of 53 individuals. The survey comprised 25 pricing questions organized across four service categories — forensic collection and examination, data processing and hosting, document review, and GenAI-assisted review — plus three respondent classification questions addressing geography, business segment, and primary function. Response options were structured as defined ranges rather than open-ended numeric inputs to facilitate comparative analysis and protect respondent pricing confidentiality. All responses represent self-reported market observations and practitioner experience. Results should be interpreted as directional market intelligence reflecting current practitioner perceptions of prevailing pricing, not as verified transaction records or audited benchmarks. The U.S.-centric geographic distribution (92.5%) should be taken into account when applying findings to non-U.S. markets. ComplexDiscovery OÜ maintains editorial independence in the analysis and publication of survey results. Individual respondent data is treated as confidential; only aggregated findings are reported. ComplexDiscovery and the Electronic Discovery Reference Model (EDRM) thank the 53 practitioners and professionals who contributed their time and market knowledge to this research. Organizations and individuals interested in participating in future Pricing Pulse surveys are encouraged to connect with ComplexDiscovery at complexdiscovery.com. © 2026 ComplexDiscovery OÜ. All rights reserved. Published on ComplexDiscovery.com. Conducted in partnership with the Electronic Discovery Reference Model (EDRM). The Pricing Pulse is an ongoing research series examining pricing dynamics across the eDiscovery market. News Source

Rob Robinson and Holley Robinson, ComplexDiscovery OÜ, "Winter 2026 eDiscovery Pricing Survey," February 2026.

[the_ad_group id="12741"]

Assisted by GAI and LLM Technologies Additional Reading

Source: ComplexDiscovery OÜ

ComplexDiscovery’s mission is to enable clarity for complex decisions by providing independent, data‑driven reporting, research, and commentary that make digital risk, legal technology, and regulatory change more legible for practitioners, policymakers, and business leaders.

[exclude_from_rss]

[taq_review]

[/exclude_from_rss] Industry Research

A Complete Analysis of the Winter 2026 eDiscovery Pricing Survey

ComplexDiscovery Staff

Executive Summary

About the Survey

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Survey-Respondents-by-Primary-Function-Winter-2026.pdf" title="Survey Respondents by Primary Function - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Survey-Respondents-by-Geographic-Region-Winter-2026.pdf" title="Survey Respondents by Geographic Region - Winter 2026"]

Section 1: Forensic Collection, Examination, and Testimony Pricing

$250–$350/hour is the market anchor for both onsite and remote forensic collection (56.6% each).
Onsite collection carries a measurable premium: 20.8% report >$350/hour vs. 5.7% for remote.
Mobile device collection rates have converged with computer collection at the upper tier (both ~50% report >$350/device).
Investigation, analysis, and report generation rates escalate to $350–$550/hour for 54.7% of respondents.
Expert witness testimony exceeds $550/hour for 26.4% — the highest proportion across all survey categories.

Section 2: Data Processing, Hosting, and Project Management Pricing

Processing at ingestion is largely below $75/GB (73.6% combined), but completion-phase pricing climbs with 24.5% reporting $100/GB or more.
Alternative pricing models account for 18.9% at ingestion and 22.6% at completion — signaling a structural shift away from per-GB processing billing.
Basic hosting has commoditized: 54.7% report sub-$10/GB/month. Analytics hosting retains differentiation with 11.3% exceeding $25/GB/month.
User licensing is migrating from per-seat to bundled models — 34.0% report alternative pricing structures.
Project management rates are well understood and rising: 26.4% now exceed $200/hour, reflecting growing engagement complexity.

Section 3: Document Review Pricing

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Hour-Cost-for-Document-Review-Attorneys-to-Review-Documents-Remote-Winter-2026.pdf" title="Review Pricing - Per Hour Cost for Document Review Attorneys to Review Documents Remote - Winter 2026"]

[pdf-embedder url="https://complexdiscovery.com/wp-content/uploads/2026/02/Review-Pricing-Per-Document-Cost-for-Document-Review-Attorneys-to-Review-Documents-Remote-Winter-2026.pdf" title="Review Pricing - Per Document Cost for Document Review Attorneys to Review Documents Remote - Winter 2026"]

TAR/predictive coding billing is migrating away from per-GB models: 35.8% report alternative pricing, 18.9% don't know — bundled platform pricing is absorbing this cost.
Onsite managed review attorney rates exceed $40/hour for 45.3% of respondents vs. 35.8% for remote — the onsite premium persists.
Per-document review rates cluster in the $0.50–$1.00 range for both onsite and remote, with significant 'do not know' responses (34% onsite, 30.2% remote) indicating a transparency gap.
The $0.50–$1.00 per-document human review baseline sets up direct economic competition with emerging GenAI-assisted review pricing.

Section 4: GenAI-Assisted Review Pricing

Hybrid and per-document models are the dominant GenAI pricing structures, each at 28.3% — the market has converged on document-level units but not uniform delivery structures.
The $0.11–$0.50 per-document range is the emerging competitive zone for GenAI-assisted review, with direct economic implications for traditional human review.
Per-token pricing has not been widely passed to buyers (5.7%) — providers are absorbing LLM cost variability for now.
Outcome-based GenAI pricing is theoretically compelling but operationally undeveloped; 79.2% of respondents have no applicable experience.
Exception document handling is an underappreciated contract risk: 39.6% don't know how their agreements address it, and no standard approach has emerged.

Conclusion and Strategic Implications

Looking Ahead: Open Questions for the Evolving eDiscovery Pricing Landscape

Research Methodology Note

Rob Robinson and Holley Robinson, ComplexDiscovery OÜ, "Winter 2026 eDiscovery Pricing Survey," February 2026.

[the_ad_group id="12741"]

Assisted by GAI and LLM Technologies Additional Reading

Source: ComplexDiscovery OÜ

ComplexDiscovery’s mission is to enable clarity for complex decisions by providing independent, data‑driven reporting, research, and commentary that make digital risk, legal technology, and regulatory change more legible for practitioners, policymakers, and business leaders.