Five Considerations for a Better Negotiated ESI Protocol with Modern Data

June 21, 2024



Sarah Moran
Sarah Moran

Preparing for a Rule 26(f) meet and confer and codifying eDiscovery workflow decisions into an ESI protocol is more technically complex and challenging than ever before. In large part, this increased complexity is due to the intricacies of modern data.

Modern data refers to data generated by cloud-based systems that support communication, collaboration, and productivity in the workplace. It creates significant eDiscovery challenges due to differences in the way data is created, stored, and managed in the Cloud.

While recent court decisions have provided guidance for case teams on certain aspects of modern data, such as best practices for handling them, its fast-paced evolution often leaves a void of applicable case law in its wake. This fuels the need for attorneys to stay apprised of the data landscape and refresh how they’re negotiating.

The evolution of modern data can severely impact downstream eDiscovery workflows. The extent of the impact is highly dependent on a variety of factors, such as system capabilities, the company’s configuration of the system, licensing agreements, the timeframe of implementation, whether data was migrated into the system, retention and deletion policies, etc. To successfully navigate the effects on eDiscovery, it is important for litigation and eDiscovery counsel to:

  • Understand the relationship between the system architecture (i.e., design, configuration, use, management) and downstream eDiscovery tasks (i.e., preservation, collection, export)
  • Inquire into the specific system(s) at issue in the matter, as well as the client’s configuration and other factors above
  • Develop and implement a preservation plan that takes these items into account
  • Negotiate an ESI protocol to address modern data challenges they contemplate arising in the matter

Attorneys must develop a robust understanding of what a client is doing with their data, why they are doing it, and how. This begins by understanding the system architecture and the company’s process for executing eDiscovery tasks within that system, as well as the limitations that exist with certain types of data.

If you don’t, you’ll risk getting stuck with accepted standard protocol language, definitions, and processes which force you into a costly solution and negatively impact eDiscovery workflows and timelines—or worse, put yourself in a position where you are unable to meet the standards you have agreed to for your client.

To avoid this trap, here are five key considerations when negotiating your ESI protocol.

1. Define the data and relationships

A basic, yet difficult, element of ESI protocol for modern data is defining data sources and articulating the relationships between them. Modern attachments, or hyperlinks, are challenging conventional definitions of attachments and ideas around what constitutes a parent and child relationship in eDiscovery. Since a modern attachment behaves like a hyperlink by directing the recipient to the file itself, it raises questions about what version the legal team will actually be reviewing.

eDiscovery has also become less custodian-driven and instead is increasingly dictated by cloud-based systems. For instance, in the past you would collect and produce multiple versions of a document, but today a system can save hundreds of versions automatically. This leads to greater replication and proliferation of versions, creating a proportionality burden.

Other modern data sources challenging conventional wisdom include:

Collaboration tools

Collaboration data has expanded in its meaning with implications on what should be included in an ESI protocol. Attorneys should stay apprised of how collaboration data works and define a reasonable and relevant scope of data that’s included in a protocol.

Audit logs

Audit logs are records of when and how a document is accessed and engaged with. With enterprise tools, it’s now possible to retain a record of an audit log, so attorneys should be prepared to address them at meet and confers.

Generative AI

With prompts and responses, gen AI tools are creating new data at exponential rates. Courts and litigation parties will need to hash out what is reasonable and proportional in terms of how much of that data should be retained and collected—so it imperative that attorneys understand what is being created, how it’s stored, and what is required to produce it.

When negotiating an ESI protocol, you should understand and define all of these data sources, and also unpack the relationship between the data to determine how it is collected and produced.

Questions to consider:

  • What data sources are involved in the matter and how do I define them?
  • How important is linked document versioning related to my matter?
  • Do I have the requisite knowledge to push back on how data relationships are defined?

2. Understand platforms and how data is stored

Once you’ve established definitions and relationships, it’s critical to know how your data is stored and what capabilities exist for collection. This foundation allows you to better negotiation and challenge any unreasonable demands outlined in the ESI protocol.

Start by understanding the systems that are involved and how they may impact the downstream requirements later. The risk in not understanding the data landscape upfront is potentially agreeing to terms that require costly technology solutions or unreasonable requirements.

Questions to consider:

  • Is the system or platform cloud-based?
  • What license is currently in use and are there other options?
  • How is the system configured?
  • What are the eDiscovery workflows?

3. Grasp how your data is collected

With a nuanced perspective of your data, you can better comprehend how it can be collected and what any limitations may be. Licensing, configuration, and overall system capabilities are key areas to consider when evaluating the impact on downstream eDiscovery. It’s also important to think about proportionality and goals.

A good example of setting up for success is the new Microsoft Purview option to collect a version of a cloud attachment at the time it was shared (you need an E5 license type, which gives you Purview Premium (instead of Standard), plus you need to have set up retention tags).

Another consideration for collection is how the data is being searched. Oftentimes, attorneys use more rudimentary methods like keywords, which can be limiting in their ability to find information in more nuanced datasets. Knowing about more sophisticated search methodology and the limitations of other approaches can help save time and frustration when executing an agreed upon workflow outlined in the protocol.

Questions to consider:

  • How will our current licenses and configuration settings impact collection?
  • What are the limitations of particular search approaches, including keywords?

4. Manage how data is processed and produced

Having a firm handle on upstream data capabilities and limitations can help you better negotiate how the data will be processed and ultimately produced. If any data needs to be converted or parsed, it’s important to know upfront what this will look like and how it’s accomplished to avoid costly work. With custom platforms or workflows, modern data can sometimes be in a non-standard format, which means that associations between data are often forced. Other considerations at this phase are if metadata should be preserved and how, and understanding how data has been tagged.

Questions to consider:

  • How, and in what format, will this data ultimately be produced?
  • Is metadata relevant and how is it being preserved?
  • How is data being converted and parsed?

5. Limit the scope

Having a solid understanding of your data and the system’s capabilities related to data storage, retention, collection, processing, and production is key to avoiding being cornered with an unreasonable ESI protocol. Refining the scope of a protocol is important for reducing cost and expending fewer resources while still complying with the needs of the matter.

Generative AI is applying pressure to the concept of scope because of the nature of data it creates and its novelty. Should the scope include all of the data created by generative AI, including prompts and responses? This presents a challenge because often these are records, not artifacts, meaning they may not always be in a format that is easily stored and collected like other data sources. Teams are also being asked to disclose the use of generative AI, including the prompts used, as part of a search methodology. Attorneys must be aware of the challenges here before agreeing to a protocol that requires the production of data that is impossible or extremely burdensome to produce.

Questions to consider:

  • Which generative AI prompt tools are available within our organization?
  • Are there blanket policies in place for employee use of non-enterprise gen AI?
  • What are the current preservation settings and policies related to the generative AI tools the organization uses? How will we know if those settings need to be updated?

Ultimately, a well negotiated ESI protocol can help you avoid a process that can be tremendously burdensome in terms of cost and resources. It also allows you to take advantage of newer technology and efficiencies.

For more guidance and information on modern data, check out our information governance page.

About the Author

Sarah Moran

Sarah is a Director of Marketing at Lighthouse. Before coming to Lighthouse, she worked for a decade as a practicing attorney at a global law firm, specializing in eDiscovery counseling and case management, data privacy, and information governance. At Lighthouse, she happily utilizes her eDiscovery expertise to help our clients understand and leverage the ever-changing world of legal technology and data governance. She is a problem solver and a collaborator and welcomes any chance to discuss customer pain points in eDiscovery. Sarah earned her B.A. in English from Penn State University and her J.D. from Delaware Law School.