Lighthouse Blog

Lighthouse Microsoft 365 (M365) experts, John Holliday and John Collins, recently teamed up with Reed Smith to present the M365 in 5 Foundation Series on Reed Smith’s Tech Law Talks podcast. The series dives into operational considerations when rolling out M365 tools related to governance, retention, eDiscovery, and data security across a broad range of applications, from Exchange and SharePoint to all things Microsoft Teams.Check out the lineup below and click the titles of each podcast to give them a listen.M365 in 5 – Part 1: Exchange Online – Not just a mailboxDiscover the enhanced functionality of EXO, including new data types and the potential for enhanced governance.M365 in 5 – Part 2: SharePoint Online – The new file-share environmentHear about the enhanced file share and collaboration functionality in SharePoint Online, including real-time collaboration, access controls, and opportunities to control retention and deletion.M365 in 5 – Part 3: OneDrive for Business – Protected personal collaborationLearn about OneDrive for Business and how organizations can use it for personal document storage, such as giving other users access to individual documents within an individual’s OneDrive and acting as the storage location for all Teams Chats.M365 in 5 – Part 4: Teams – An introduction to collaborationListen to an introduction to Teams and how it is transforming the way organizations are working and communicating.M365 in 5 – Part 5: Teams Chats – Modern communicationsUncover the enhanced functionality of M365’s new instant messaging platform, including persistent chats, modern attachments, expressive features, and priority messaging, which enhance communication but can bring increased eDiscovery or regulatory risks.M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspaceHear how Teams Channels are changing not only the way organizations work and collaborate, but also key legal and risk considerations that should be contemplated.M365 in 5 – Part 7: Teams Audio/Video (A/V) ConferencingDive into the functionality and controls of audio/video conferencing capabilities, including the integration of chats, whiteboards, translation, and transcription services.The Tech Law Talks podcast hosts regular discussions about the legal and business issues around data protection, privacy and security; data risk management; intellectual property; social media; and other types of information technology. For more information regarding the show, follow the link here: https://reedsmithtech.podbean.com.If you have questions about how to develop and maintain legal and compliance programs around M365, reach out to us at info@lighthouseglobal.com.microsoft-365; information-governancemicrosoft, blog, microsoft-365, information-governancemicrosoft; bloglighthouse

Below is a copy of a featured article written by Kimberly Quan of Juniper Networks and John Del Piero of Lighthouse for Bloomberg Law.Whether it's Teams, Slack, Zendesk, GChat, ServiceNow, or similar solutions that have popped up in the market over the last few years, collaboration and workflow platforms have arrived. According to Bloomberg Law's 2020 Legal Technology Survey, collaboration tools are being used by 77% of in-house and 44% of law firm attorneys. These tools are even more widely used by workers outside of the legal field.With many companies planning to make remote working a permanent fixture, we can expect the existing collaboration tools to become even more entrenched and new competitors to arrive on the scene with similarly disruptive technologies.This will be a double-edged sword for compliance and in-house legal teams, who want to encourage technology that improves employee productivity, but are also wary of the potential information governance and eDiscovery risks arising because of these new data sources. This article explains the risks these tools can pose to organizations and provides a three-step approach to help mitigate those risks.Understand Litigation and Investigation RiskThe colloquial and informal nature of collaborative tools creates inherent risk to organizations, much like the move from formal memos to email did 20 years ago. Communications that once occurred orally in the office or over the phone are now written and tracked, logged, and potentially discoverable. However, a corporation's ability to retain, preserve, and collect these materials may be unknown or impossible, depending on the initial licensing structure the employee or the company has entered into or the fact that many new tools do not include features to support data retention, preservation, or collection.Government agencies and plaintiffs’ firms have an eye on these new applications and platforms and will ask specifically about how companies and even individual custodians use them during investigations and litigations. Rest assured that if a custodian indicates during an interview or deposition that she used the chat function in a tool like Teams or Slack, for example, to work on issues relevant to the litigation, opposing counsel will ask for those chat records in discovery. Organizations can mitigate the risk of falling down on their eDiscovery obligations because of the challenges posed bycollaboration tool data using this three-step approach:Designate personnel in information technology (IT) and legal departments to work together to vet platforms and providers.Develop clear policies that are regularly reviewed for necessary updates and communicated to the platform users.Ensure internal or external resources are in place to monitor the changes in the tools and manage associated retention, collection, and downstream eDiscovery issues.Each of these steps is outlined further below.Designate IT & Legal Personnel to Vet Platforms and Providers‍Workers, especially those in the tech industry, naturally want to be free to use whatever technology allows them to effectively collaborate on projects and quickly share information.However, many of these tools were not designed with legal or eDiscovery tasks in mind, and therefore can pose challenges around the retention, preservation and collection of the data they generate.Companies must carefully vet the business case for any new collaboration tool before it is deployed. This vetting process should entail much more than simply evaluating how well the tool or platform can facilitate communication and collaboration between workers. It also involves designating personnel from both legal and IT to work together to evaluate the eDiscovery and compliance risks a new tool may pose to an organization before it is deployed.The importance of having personnel from both legal and IT involved from the outset cannot be understated. These two teams have different sets of priorities and can evaluate eDiscovery risks from two different vantage points. Bringing them together to vet a new collaboration tool prior to deployment will help to ensure that all information governance and eDiscovery downstream effects are considered and that any risks taken are deliberate and understood by the organization in advance of deployment. This collaborative team can also ensure that preservation and discovery workflows are tested and in place before employees begin using the tool.Once established, this dedicated collaborative IT and legal team can continue to serve the organization by meeting regularly to stay abreast of any looming legal and compliance risks related to data generation. For example, this type of team can also evaluate the risks around planned organizational technology changes, such as cloud migrations, or develop workflows to deal with the ramifications of the near-constant stream of updates that roll out automatically for most cloud-based collaborative tools.Develop Clear Policies That Are Regularly Reviewed‍The number of collaborative platforms that exist in the market is ever evolving, and it is tempting for organizations to allow employees to use whatever tool makes their work the easiest. But, as shown above, allowing employees to use tools that have not been properly vetted can create substantial eDiscovery and compliance risks for the organization.Companies must develop clear policies around employee use of collaborative platforms in order to mitigate those risks. Organizations have different capabilities in restricting user access to these types of platforms. Historically, technology companies have embraced a culture where innovation is more important than limiting employees’ access to the latest technology. More regulated companies, like pharmaceuticals, financial services, and energy companies, have tended to create a more restrictive environment. One of the most successful approaches, no matter the environment or industry, is to establish policies that restrict implementation of new tools while still providing users an avenue to get a technology approved for corporate use after appropriate vetting.These policies should have clear language around the use of collaboration and messaging tools and should be frequently communicated to all employees. They should also be written using language that does not require updating every time anew tool or application is launched on the market. For instance, a policy that restricts the work-related use of a broad category of messaging tools, like ephemeral messaging applications, also known as self-destructing messaging applications, is more effective than a policy that restricts the use of a specific application, like Snapchat. The popularity of messaging tools can change every few months, quickly leading to outdated and ineffective policies if the right language is not used.Make sure employees not only understand the policy, but also understand why the policy is in place. Explain the security, compliance, and litigation-related risks certain types of applications pose to the organization and encourage employees to reach out with questions or before using a new type of technology.Further, as always with any policy, consider how to audit and police its compliance. Having a policy that isn't enforced issometimes worse than having no policy at all.Implement Resources to Manage Changes in Tools‍Most collaboration tools are cloud-based, meaning technology updates can roll out on a near-constant basis. Small updates and changes may roll out weekly, while large systemic updates may roll out less frequently but include hundreds of changes and updates. These changes may pose security, collection, and review challenges, and can leave legal teams unprepared to respond to preservation and production requests from government agencies or opposing counsel. In addition, this can make third-party tools on which companies currently rely for specific retention and collection methodologies obsolete overnight.For example, an update that changes the process for permissions and access to channels and chats on a collaborative platform like Teams may seem like a minor modification. However, if this type of update is rolled out without legal and IT team awareness, it may mean that employees who formerly didn't have access to a certain chat function may now be able to generate discoverable data without any mechanism for preservation or collection in place.The risks these updates pose mean that is imperative for organizations to have a framework in place to monitor and manage cloud-based updates and changes. How that framework looks will depend on the size of the organization and the expertise and resources it has on hand. Some organizations will have the resources to create a team solely dedicated to monitoring updates and evaluating the impact of those updates. Other organizations with limited internal access to the type of expertise required or those that cannot dedicate the resources required for this task may find that the best approach is to hire an external vendor that can perform this duty for the organization.When confronted with the need to collect, process, review, and produce data from collaboration tools due to an impending litigation or investigation, an organization may find it beneficial to partner with someone with the expertise to handle the challenges these types of tools present during those processes. Full-scale, cloud-based collaboration tools like Microsoft Teams and Slack are fantastic for workers because of their ability to combine almost every aspect of work into a single, integrated interface. Chat messaging, conference calling, calendar scheduling, and group document editing are all at your fingertips and interconnected within one application. However, this aspect is precisely why these tools can be difficult to collect, review, and produce from an eDiscovery perspective.With platforms like Teams, several underlying applications, such as chat, video calls, and calendars, are now tied together through a backend of databases and repositories. This makes a seemingly simple task like “produce by custodian” or “review a conversation thread” relatively difficult if you haven't prepared or are not equipped to do so. For example, in Teams communications such as chat or channel messages, when a user sends a file to another user, the document that is attached to the message is no longer the static, stand-alone file.Rather, it is a modern attachment, a link to the document that resides in the sender's OneDrive. This can beg questions as to which version was reviewed by whom and when it was reviewed. Careful consideration of versioning and all metadata and properties will be of the utmost importance during this process, and will require someone on board who understands the infrastructure and implications of those functions.The type of knowledge required to effectively handle collection and production of data generated by the specific tools an organization uses will be extremely important to the success of any litigation or investigation. Organizations can begin planning for success by proactively seeking out eDiscovery vendors and counsel that have experience and expertise handling the specific type of collaboration tools that the organization currently uses or is planning on deploying. Once selected, these external experts can be engaged early, prior to any litigation or investigation, to ensure that eDiscovery workflows are in place and tested long before any production deadlines.ConclusionCloud-based collaboration tools and platforms are here to stay. Their ability to allow employees to communicate and collaborate in real time while working in a remote environment is becoming increasingly important in today's world. However, these tools inherently present eDiscovery risks and challenges for which organizations must carefully prepare. This preparation includes properly vetting collaboration tools and platforms prior to deploying them, developing and enforcing clear internal policies around their use, monitoring all system updates and changes, and engaging eDiscovery experts early in the process.With proper planning, good collaboration between IT and legal teams and expert engagement, organizations can mitigate the eDiscovery risks posed by these tools while still allowing employees the ability to use the collaboration tools that enable them to achieve their best work.Reproduced with permission. Published March 2021. Copyright © 2021 The Bureau of National Affairs, Inc.800.372.1033. For further use, please contact permissions@bloombergindustry.com.chat-and-collaboration-data; ediscovery-review; microsoft-365emerging-data-sources, blog, corporate, chat-and-collaboration-data, ediscovery-review, microsoft-365,emerging-data-sources; blog; corporatebloomberg law

Big data can mean big problems in the ediscovery and compliance world – and those problems can be exponentially more complicated when personal data is involved. Sifting through terabytes of data to ensure that all personal information is identified and protected is becoming an increasingly more painstaking and costly process for attorneys today.Fortunately, advances in artificial intelligence (AI) and analytics technology are changing the landscape and enabling more efficient and accurate detection of personal information within data. Recently, I was fortunate enough to gather a panel of experts together to discuss how AI is enabling legal professionals in the ediscovery, information governance, and compliance arenas to identify personal protected information (PII) and personal health information (PHI) more quickly within large datasets. Below is a summary of our discussion, along with some helpful tips for leveraging AI to detect personal information.Current Methods of Personal Data Identification Similar to the slower adoption of AI and analytics to help with the protection of attorney-client privilege information (compared to the broader adoption of machine learning to identify matter relevant documents), the legal profession has also been slow to leverage technology to help identify and protect personal data. Thus, the identification of personal data remains a very manual and reactive process, where legal professionals review documents one-by-one on each new matter or investigation to find personal information that must be protected from disclosure.This process can be especially burdensome for pharmaceutical and healthcare industries, as there is often much more personal information within the data generated by those organizations, while the risk for failing to protect that information may be higher due to healthcare-specific patient privacy regulations like HIPAA.How Advances in AI Technology Can Improve Personal Data Identification There are a few ways in which AI has advanced over the last few years that make new technology much more effective at identifying personal data:Analyzing More Than Text: AI technology is now capable of analyzing more than just the simple text of a document. It can now also analyze patterns in metadata and other properties of documents, like participants, participant accounts, and domain names. This results in technology that is much more accurate and efficient at identifying data more likely to contain personal information.Leveraging Past Work Product: Newer technology can now also pull in and analyze the coding applied on previous reviews without disrupting workflows in the current matter. This can add incredible efficiency, as documents previously flagged or redacted for personal information can be quickly removed from personal information identification workflows, thus reducing the need for human review. The technology can also help further reduce the amount of attorney review needed at the outset of each matter, as it can use many examples of past work product to train the algorithms (rather than training a model from scratch based on review work in the current matter).Taking Context into Account: Newer technology can now also perform a more complicated analysis of text through algorithms that can better assess the context of a document. For example, advances in Natural Language Processing (NLP) and machine learning can now identify the context in which personal data is often communicated, which helps eliminate previously common false hits like mistakenly flagging phone numbers as social security numbers, etc.Benefits of Leveraging AI and Analytics when Detecting Sensitive DataArguably the biggest benefit to leveraging new AI and analytics technology to detect personal information is cost savings. The manual process of personal information identification is not only slower, but it can also be incredibly expensive. AI can significantly reduce the number of documents legal professionals would need to look through, sometimes by millions of documents. This can translate into millions of dollars in review savings because this work is often performed by legal professionals who are billed at an hourly rate.Not only can AI utilization save money on a specific matter, but it can also be used to analyze an entire legal portfolio so that legal professionals have an accurate sense of where (and how much) personal information resides within an organization’s data. This knowledge can be invaluable when crafting burden arguments for upcoming matters, as well as to better understand the potential costs for new matters (and thus help attorneys make more strategic case decisions).Another key benefit of leveraging AI technology is the accuracy with which this technology can now pinpoint personal data. Not only is human review much less efficient, but it can also lead to mistakes and missed information. This increases the risk for healthcare and pharmaceutical organizations especially, who may face severe penalties for inadvertently producing PHI or PII (particularly if that information ends up in the hands of malevolent actors). Conducting quality control (QC) with the assistance of AI can greatly increase the accuracy of human review and ensure that organizations are not inadvertently producing individuals’ personal information. Best Practices for Utilizing AI and Analytics to Identify Personal DataPrepare in Advance: AI technology should not be an afterthought. Before you are faced with a massive document production on a tight deadline, make sure you understand how AI and analytics tools work and how they can be leveraged for personal data identification. Have technology providers perform proof of concept (POC) analyses with the tools on your data and demonstrate exactly how the tools work. Performing POCs on your data is critical, as every provider’s technology demos well on generic data sets. Once you have settled on the tools you want to use within your organization, ensure your team is trained well and is ready to hit the ground running. This will also help ensure that the technology you choose fits with your internal systems and platforms.Take a Global Team Approach: Prior to leveraging AI and analytics, spend some time working with the right people to define what PII and PHI you have an obligation to identify, redact, or anonymize. Not all personal information will need to be located or redacted on every matter or in every jurisdiction, but defining that scope early will help you leverage the technology for the best use cases.Practice Information Governance: Make sure your organization is maintaining proper control of networks, keeping asset lists up to date, and tracking who the business and technical leads are for each type of asset. Also, make sure that document retention policies are enforced and that your organization is maintaining controls around unstructured data. In short, becoming a captain of your content and running a tight ship will make the entire process of identifying personal information much more efficient.Think Outside the Box: AI and analytics tools are incredibly versatile and can be useful in a myriad of different scenarios that require protecting personal information from disclosure. From data breach remediation to compliance matters, there is no shortage of circumstances that could benefit from the efficiency and accuracy that AI can provide. When analyzing a new AI tool, bring security, IT, and legal groups to the table so they can see the benefits and possibilities for their own teams. Also, investigate your legal spend and have other teams do the same. This will give you a sense of how much money you are currently spending on identifying personal information and what areas can benefit from AI efficiency the most.If you’re interested in learning more about how to leverage AI and analytic technology within your organization or law firm, please see my previous articles on how to build a business case for AI and win over AI naysayers within your organization.To discuss this topic more or to learn how we can help you make an apples-to-apples comparison, feel free to reach out to me at RHellewell@lighthouseglobal.com.data-privacy; ai-and-analyticsai-and-analytics, microsoft-365analytics; data-privacy; ai-big-data; bloglighthouse

Identifying attorney-client privilege is one of the most costly and time-consuming processes in eDiscovery. Since the dawn of the workplace email, responding to discovery requests has had legal teams spending countless hours painstakingly searching through millions of documents to pinpoint attorney-client and other privileged information in order to protect it from production to opposing parties. As technology has improved, legal professionals have gained more tools to help in this process, but inevitably, it still often entails costly human review of massive amounts of documents.What if there was a better way? Recently, I had the opportunity to gather a panel of eDiscovery experts to discuss how advances in AI and analytics technology now allow attorneys to identify privilege more efficiently and accurately than previously possible. Below, I have summarized our discussion and outlined how legal teams can leverage advanced AI technology to reinvent the model for detecting attorney-client privilege.Current Methods of Privilege Identification Result in Over IdentificationCurrently, the search for privileged information includes a hodgepodge of different technology and workflows. Unfortunately, none of them are a magic bullet and all have their own drawbacks. Some of these methods include:Privilege Search Terms: The foundational block of most privilege reviews involves using common privilege search terms (“legal,” “attorney,” etc.) and known attorney names to identify documents that may be privileged, and then having a review team painstakingly re-review those documents to see if they do, in fact, contain privileged information.‍Complex Queries or Scripts: This method builds on the search term method by weighting the potential privilege document population into ‘tiers’ for prioritized privilege review. It sometimes uses search term frequency to weigh the perceived risk that a document is privileged.‍Technology Assisted Review (TAR): The latest iteration of privilege identification methodologies involves using the TAR process to try to further rank potential privilege populations for prioritized review, allowing legal teams to cut off review once the statistical likelihood of a document containing privilege information reaches a certain percentage.Even applied together, all these methodologies are only just slightly more accurate than a basic privilege search term application. TAR, for example, may flag 1 out of every 4 documents as privilege, instead of the 1 out of every 5 typically identified by common privilege search term screens. This result means that review teams are still forced to re-review massive amounts of documents for privilege.The current methods tend to over-identify privilege for two very important reasons: (1) they rely on a “bag of words” approach to privilege classification, which removes all context from the communication; (2) they cannot leverage non-text document features, like metadata, to evaluate patterns within the documents that often provide key contextual insights indicating a privileged communication.How Can Advances in AI Technology Improve Privilege Identification MethodsAdvances in AI technology over the last two years can now make privilege classification more effective in a few different ways:Leveraging Past Work Product: Newer technology can pull in and analyze the privilege coding that was applied on previous reviews, without disrupting the current review process. This helps reduce the amount of attorney review needed from the start, as the analytics technology can use this past work product rather than training a model from scratch based on review work in the current matter. Often companies have tens or even hundreds of thousands of prior privilege calls sitting in inactive or archived databases that can be leveraged to train a privilege model. This approach additionally allows legal teams to immediately eliminate documents that were identified as privileged in previous reviews.Analyzing More Than Text: Newer technology is also more effective because it now can analyze more than just the simple text of a document. It can also analyze patterns in metadata and other properties of documents, like participants, participant accounts, and domain names. For example, documents with a large number of participants are much less likely to contain information protected by attorney-client privilege, and newer technology can immediately de-prioritize these documents as needing privilege review.Taking Context into Account: Newer technology also has the ability to perform a more complicated analysis of text through algorithms that can better assess the context of a document. For example, Natural Language Processing (NLP) can much more effectively understand context within documents than methods that focus more on simple term frequency. Analyzing for context is critical in identifying privilege, particularly when an attorney may just be generally discussing business issues vs. when an attorney is specifically providing legal advice.Benefits of Leveraging Advances in AI and Analytics in Privilege ReviewsLeveraging the advances in AI outlined above to identify privilege means that legal teams will have more confidence in the accuracy of their privilege screening and review process. This technology also makes it much easier to assemble privilege logs and apply privilege redactions, not only to increase efficiency and accuracy, but also because of the ability to better analyze metadata and context. This in turn helps with privilege log document descriptions and justifications and ensuring consistency. But, by far the biggest gain, is the ability to significantly reduce costly and time-intensive manual review and re-review required by legal teams using older search terms and TAR methodologies.ConclusionLeveraging advances in AI and analytics technology enables review teams to identify privileged information more accurately and efficiently. This in turn allows for a more consistent work product, more efficient reviews, and ultimately, lower eDiscovery costs.If you’re interested in learning more about AI and analytics advancements, check out my other articles on how this technology can also help detect personal information within large datasets, as well as how to build a business case for AI and win over AI naysayers within your organization.To discuss this topic more or to learn how we can help you make an apples-to-apples comparison, feel free to reach out to me at RHellewell@lighthouseglobal.com.ai-and-analytics; chat-and-collaboration-data; ediscovery-reviewprivilege, analytics, ai-big-data, blog, ai-and-analytics, chat-and-collaboration-data, ediscovery-review,privilege; analytics; ai-big-data; bloglighthouse

Recently, I had the opportunity to (virtually) attend the first three days of Legalweek, the premier conference for those in the legal tech industry. Obviously, this year’s event looked much different than past years, both in structure and in content. But as I listened to legal and technology experts talk about the current state of the industry, I was happily surprised that the message conveyed was not one of doom and gloom, as you might expect to hear during a pandemic year. Instead, a more inspiring theme has emerged for our industry - one of hope through innovation.Just as we, as individuals, have learned hard lessons during this unprecedented year and are now looking towards a brighter spring, the legal industry has learned valuable lessons about how to leverage technology and harness innovation to overcome the challenges this year has brought. From working remotely in scenarios that previously would have never seemed possible, to recognizing the vital role diversity plays in the future of our industry – this year has forced legal professionals to adapt quickly, utilize new technology, and listen more to some of our most innovative leaders.Below, I have highlighted the key takeaways from the first three days of Legalweek, as well as how to leverage the lessons learned throughout this year to bring about a brighter future for your organization or law firm.“Human + Machine” not “Human vs. Machine” Almost as soon as artificial intelligence (AI) technology started playing a role within the legal industry, people began debating whether machines could (or should) eventually replace lawyers. This debate often devolves into a simple “which is better: humans or machines” argument. However, if the last year has taught us anything, it is that the answers to social debates often require nuance and introspection, rather than a “hot take.” The truth is that AI can no longer be viewed as some futuristic option that is only utilized in certain types of eDiscovery matters; nor should it be fearfully viewed as having the potential to replace lawyers in some dystopian future. Rather, AI has become essential to the work of attorneys and ultimately will be necessary to help lawyers serve their clients effectively and efficiently.1Data volumes are exponentially growing year after year, so much so that soon, even the smallest internal investigation will involve too much data to be effectively reviewed by human eyes alone. AI and analytics tools are now necessary to prioritize, cull, and categorize data in most litigations for attorneys to efficiently find and review the information they need. Moreover, advancements in AI technology now enable attorneys to quickly identify categories of information that previously required expensive linear review (for example, leveraging AI to identify privilege, protected health information (PHI), or trade secret data).Aside from finding the needle in the haystack (or simply reducing the haystack), these tools can also help attorneys make better, more strategic counseling and business decisions. For example, AI can now be utilized to understand an organization’s entire legal portfolio better, which in turn, allows attorneys to make better scoping and burden arguments as well as craft more informed litigation and compliance strategies.Thus, the age-old debate of which is better (human or machine learning) is actually an outdated one. Instead, the future of the legal industry is one where attorneys and legal professionals harness advanced technology to serve their clients proficiently and effectively.Remote Working and Cloud-Based Tools Are Here to StayOf course, one of the biggest lessons the legal industry learned over the past year is how to effectively work remotely. Almost every organization and law firm across the world was forced to quickly pivot to a more remote workforce – and most have done so successfully, albeit while facing a host of new data challenges related to the move. However, as we approach the second year of the pandemic, it has become clear that many of these changes will not be temporary. In fact, the pandemic appears to have just been an accelerator for trends that were already underway prior to 2020. For example, many organizations were already taking steps to move to a more cloud-based data architecture. The pandemic just forced that transition to happen over a much shorter time frame to facilitate the move to a remote workforce.This means that organizations and law firms must utilize the lessons learned over the last year to remain successful in the future, as well as to overcome the new challenges raised by a more remote, cloud-based work environment. For example, many organizations implemented cloud-based collaboration tools like Zoom, Slack, Microsoft Teams, and Google Workspace to help employees collaborate remotely. However, legal and IT professionals quickly learned that while these types of tools are great for collaboration, many of them are not built with data security, information governance, or legal discovery in mind. The data generated by these tools is much different than traditional e-mail – both in content and in structure. For example, audible conversations that used to happen around the water cooler or in an impromptu in-person meeting are now happening over Zoom or Microsoft Teams, and thus may be potentially discoverable during an investigation or legal dispute. Moreover, the data that is generated by these tools is structured significantly differently than data coming from traditional e-mail (think of chat data, video data, and the dynamic “attachments” created by Teams). Thus, organizations must learn to put rules in place to help govern and manage these data sources from a compliance, data security, and legal perspective, while law firms must continue to learn how to collect, review, and produce this new type of data.It will also be of growing importance in the future to have legal and IT stakeholder collaboration within organizations, so that new tools can be properly vetted and data workflows can be put in place early. Additionally, organizations will need a plan in place to stay ahead of technology changes, especially if moving to a cloud-based environment where updates and changes can roll out weekly. Attorneys should also consider technology training to stay up-to-date and educated on the various technology platforms and tools their company or client uses, so that they may continue to provide effective representation.Information Governance is Essential to a Healthy Data StrategyRelated to the above, another key theme that emerged over the last year is that good information governance is now essential to a healthy company, and that it is equally important for attorneys representing organizations to understand how data is managed within that organization.The explosion of data volumes and sources, as well as the unlimited data storage capacity of the Cloud means that it is essential to have a strong and dynamic information governance strategy in place. In-house counsel should ensure that they know how to manage and protect their company’s data, including understanding what data is being created, where that data resides, and how to preserve and collect that data when required. This is important not only from an eDiscovery and compliance perspective but also from a data security and privacy perspective. As more jurisdictions across the world enact competing data privacy legislation, it is imperative for organizations to understand what personal data they may be storing and processing, as well as how to collect it and effectively purge it in the event of a request by a data subject.Also, as noted above, the burden to understand an organization’s data storage and preservation strategy does not fall solely on in-house counsel. Outside counsel must also ensure they understand their client’s organizational data to make effective burden, scoping, and strategy decisions during litigation.A Diverse Organization is a Stronger OrganizationFinally, another key theme that has emerged is around recognizing the increasing significance that diversity plays within the legal industry. This year has reinforced the importance of representation and diversity across every industry, as well as provided increased opportunities for education about how diversity within a workforce leads to a stronger, more innovative company. Organizational leaders are increasingly vocalizing the key role diversity plays when seeking services from law firms and legal technology providers. Specifically, many companies have implemented internal diversity initiatives like women leadership programs and employee-led diversity groups and are actively seeking out law firms and service providers that provide similar opportunities to their own employees. The key takeaway here is that organizations and law firms should continue to look for ways to weave diverse representation into the fabric of their businesses.ConclusionWhile this year was plagued by unprecedented challenges and obstacles, the lessons we learned about technology and innovation over the year will help organizations and law firms survive and thrive in the future.To discuss any of these topics more, please feel free to reach out to me at SMoran@lighthouseglobal.com.1 In fact, attorneys already have an ethical duty (imposed by the Rules of Professional Conduct) to understand and utilize existing technology in order to competently represent their clients.ai-and-analytics; ediscovery-review; legal-operationscloud, information-governance, ai-big-data, blog, ai-and-analytics, ediscovery-review, legal-operations,cloud; information-governance; ai-big-data; blogsarah moran

Cut-off scores, seed sets, training rounds, confidence levels – to the inexperienced, technology assisted review (TAR) can sound like a foreign language and can seem just as daunting. Even for those legal professionals who have had experience utilizing the traditional TAR 1.0 model, the process may seem too rigid to be useful for anything other than dealing with large data volumes with pressing deadlines (such as HSR Second Requests). However, TAR 2.0 models are not limited by the inflexible workflow imposed by the traditional model and require less upfront time investment to realize substantial benefits. In fact, TAR 2.0 workflows can be extremely flexible and helpful for myriad smaller matters and non-traditional projects, including everything from an initial case assessment and key document review to internal investigations and compliance reviews.A Brief History of TARTo understand the various ways that TAR 2.0 can be leveraged, it will be helpful to understand the evolution of the TAR model, including typical objections and drawbacks. Frequently referred to as predictive coding, TAR 1.0 was the first iteration of these processes. It follows a more structured workflow and is what many people think of when they think of TAR. First, a small team of subject-matter experts must train the system by reviewing control and training sets, wherein they tag documents based on their experience with and knowledge of the matter. The control set provides an initial overall estimated richness metric and establishes the baseline against which the iterative training rounds are measured. Through the training rounds, the machine develops the classification model. Once the model reaches stability, scores are applied to all the documents based on the likelihood of being relevant, with higher scores indicating a higher likelihood of relevance. Using statistical measures, a cutoff point or score is determined and validated, above which the desired measure of relevant documents will be included. The remaining documents below that score are deemed not relevant and will not require any additional review.Although the TAR 1.0 process can ultimately result in a large reduction in the number of documents requiring review, some elements of the workflow can be substantial drawbacks for certain projects. The classification model is most effectively developed from accurate and consistent coding decisions throughout the training rounds, so the team of subject-matter experts conducting the review are typically experienced attorneys who know the case well. These attorneys will likely have to review and code at least a few thousand documents, which can be expensive and time consuming. This training must also be completed before other portions of the document review, such as privilege or issue coding, can begin. Furthermore, if more documents are added to the review set after the model reaches stability (think, a refresh collection or late identified custodian) the team will need to resume the training rounds to bring the model back to stability for these newly introduced documents. For these reasons, the traditional TAR 1.0 model is somewhat inflexible and suited best for matters where the data is available upfront and not expected to change over time (i.e. no rolling collections) so that the large number of documents being excised from the more costly document review portion of the project will offset the upfront effort expended training the model.TAR 2.0, also referred to as continuous active learning (CAL), is a newer workflow (although it has been around for a number of years now) that provides more flexibility in its processes. Using CAL, the machine also learns as the documents are being reviewed, however, the initial classification model can be built with just a handful of coded documents. This means the review can begin as soon as any data is loaded into the database, and can be done by a traditional document review team right from the outset (i.e. there is no highly specialized “training” period). As the documents are reviewed, the classification model is continuously updated as are the scores assigned to each document. Documents can be added to the dataset on a rolling basis without having to restart any portion of the project. The new documents are simply incorporated into the developing model. These differences make TAR 2.0 well suited for a wider variety of cases and workflows than the traditional TAR 1.0 model.TAR 2.0 Workflow ExamplesOne of the most common TAR 2.0 workflows is a “prioritization review,” wherein the highest scoring documents are pushed to the front of the review. As the documents are reviewed the model is updated and the documents are rescored. This continuous loop allows for the most up-to-date model to identify what documents should be reviewed next, making for an efficient review process, with several benefits. The team will review the most likely relevant, and perhaps important, documents first. This can be especially helpful when there are short timeframes within which to begin producing documents. While all documents can certainly be reviewed, this workflow also provides the means to establish a cutoff point (similar to TAR 1.0) where no further review is necessary. In many cases, when the review reaches a point where few relevant documents are found, especially in comparison to the number of documents being reviewed, this point of diminishing returns signals the opportunity to cease further review. The prioritization review can also be very effective with incoming productions, allowing the system to identify the most relevant or useful documents.An alternative TAR 2.0 workflow is the “coverage” or “diverse” review model. In this model, rather than reviewing the highest scoring documents first, the review team focuses on the middle-scoring range documents. The point of a diverse review model is to focus on what the machine doesn’t know yet. Reviewing the middle range of documents further trains the system. In this way, a coverage TAR 2.0 review model provides the team with a wide variety of documents within the dataset. When using this workflow for reviews for productions, the goal is to end up with the documents separated between those likely relevant and those likely not relevant. This workflow is similar to the TAR 1.0 workflow as the desired outcome is to identify the relevant document set as quickly or directly as possible without reviewing all of the documents. To illustrate, a model will typically begin with a bell-shaped curve of the distribution of documents across the scoring spectrum. This workflow seeks to end with two distinct sets, where one is the relevant set and the other is the non-relevant set.These workflows can be extremely useful for initial case assessments, compliance reviews, and internal investigations, where the end goal of the review is not to quickly find and produce every relevant document. Rather, the review in these types of cases is focused on gathering as much relevant information as possible or finding a story within the dataset. Thus, these types of reviews are generally more fluid and can change significantly as the review team finds more information within the data. New information found by the review team may lead to more data collections or a change in custodians, which can significantly change the dataset over time (something TAR 2.0 can handle but TAR 1.0 cannot). And because the machine provides updated scoring as the team investigates and codes more documents, it can even provide the team with new investigational avenues and leads. A TAR 2.0 workflow works well because it gives the review team the freedom to investigate and gain knowledge about a wide variety of issues within the documents, while still ultimately resulting in data reduction.ConclusionThe above workflow examples illustrate that TAR does not have to be the rigid, complicated, and daunting workflow feared by many. Rather, TAR can be a highly adaptable and simple way to gain efficiency, improve end results, and certainly to reduce the volume of documents reviewed across a variety of use cases.It is my hope that I have at least piqued your interest in the TAR 2.0 workflow enough that you’ll think about how it might be beneficial to you when the next document review project lands on your desk.If you’re interested in discussing the topic further, please freely reach out to me at DBruno@lighthouseglobal.com.ai-and-analytics; ediscovery-reviewtar-predictive-coding, blog, ai-and-analytics, ediscovery-reviewtar-predictive-coding; blogdavid bruno

Legal operations and process improvements can be tough if you are not speaking the same language. Does the following sound like something you would say? “I'm new to legal operations having come from a business background. Legal has a completely different mindset and even getting people to recognize that we have processes, let alone that we need to improve them, can be difficult. How do I speak to lawyers about process improvement?”If so, you’re in good company. This comment represents a theme I have heard at various legal operations conferences that I have attended. My background as a lawyer turned executive puts me in the position of speaking both lawyer and business professional. Here are some things that, in my experience, have been helpful for legal operations or business professionals entering the world of legal, to know.First, know that the need for a process is not a presumption. Often in the business world, there is general agreement that things should follow a process. That is not the same in legal. There isn’t a presumption for, or against, a process. It isn’t something that is thought about very much and since legal work is different for each matter (i.e. each contract is unique, each litigation is unique), there is a predisposition to thinking things should be done uniquely each time. This predisposition can be overcome but it does warrant an explanation, which is different from the status quo in the business realm.Second, recognize that many lawyers think in terms of risk and not just traditional financial ROI, as many business professionals are taught. For example, a change in a process can be seen as risky because it represents the unknown, so there may be hesitation to change despite a clear financial benefit. The way to overcome this is to consider and quantify the risks of any current process and changes to that process. Much in the way that you would traditionally quantify a financial ROI of anything you’re doing (or not doing), add in the risk factors and mitigations. Third, many lawyers like to see the world in steps from beginning to end – not with a whole bunch of uncertainty in the middle. So, laying things out in a detailed methodical way (e.g., how you will get from where you are now to the final result) will resonate with lawyers. If you do not know all the steps, at least showcasing what you have thought through or when you will have more details will be helpful in overcoming any skepticism.Finally, make sure you’re using a shared language. The meaning of words is very specific in the legal world. How a term has been defined in a contract can be the subject of an entire lawsuit and can make or break a business, so lawyers take definitions very seriously. Making sure everyone is on the same page with respect to the business language you are using can go a long way in avoiding unnecessary confusion. legal-operationslegal-ops, blog, legal-operations-legal-ops; bloglighthouse

Let’s begin by setting the stage. You’ve evaluated the ways a self-service, spectra eDiscovery solution could benefit your organization and determined the approach will help you boost workflow efficiency, free up internal resources, and reduce eDiscovery practice and technology costs. You’ve also researched how to ideally implement a solution and armed yourself with strategies to build a business case and overcome stakeholder objections that may arise.You’re now ready to move on to the next step in your organization’s self-service, spectra eDiscovery journey: selecting the right solution provider. When it comes to selecting a solution provider, one size does not fit all. Every organization has different eDiscovery needs—including yours—and those needs evolve. From how attorneys and eDiscovery teams are structured within the organization and their approach to investigations and litigations, to the types of data sources implicated in those matters and how those matters are budgeted—there’s a lot to be considered.The self-service, spectra solution you choose should be able to adapt to your changing needs and grow with your organization. Below, I’ve outlined four key considerations that will help you select a fitting self-service, spectra solution for your organization.1. Is the solution capable of scaling to handle any matter? ‍It’s important to select a self-service, spectra eDiscovery solution capable of efficiently handling any investigation or litigation that comes your way. A cloud-based solution can easily, swiftly scale to handle any data volume.You’ll also want to ensure your solution can handle the type of data your organization routinely encounters. For example, collecting, processing, and reviewing data generated by collaborative applications like Microsoft Teams may require special tools or workflows. The same can be said for data generated by chat messages or cellphone data. Before selecting a self-service, spectra solution, you’ll benefit from outlining the types of data your organization must handle and asking potential solution providers how their platform supports each.Additionally, you may be interested in the ability to move to a full-service model with your provider, should the need arise. With scalable service, your team will have access to reliable support if a matter become too challenging to manage in house. With a scalable solution bolstered by a flexible service model, your organization can bring on help as needed, without disruption. 2. Does the solution drive data reduction and review efficiency across the EDRM?‍Organizational data volumes are increasing year after year—meaning even small, discrete internal investigations can quickly balloon into hundreds of thousands of documents. Collecting, processing, analyzing, and producing large amounts of data can be costly, complicated, time consuming, and may open up your organization to legal risk if the right tools and workflows are not in place.Look for a self-service, spectra solution capable of managing data at scale, with the ability to actively help your organization reduce its data footprint. This means choosing a provider that can offer expert guidance around data reduction techniques and tools. Ask potential solution providers if they have resources to address the cost burden of data and mitigate risk through strategies like defensible data collections, effective search term selection, or crafting early case assessment (ECA), and technology assisted review (TAR) workflows.The provider should also be able to deliver technology engineered to reduce data resource draw, like processing that allows access to data faster, tools to cut down on hosted review data volume, and AI and analytics that provide the ability to re-use attorney work product across multiple matters. In short, seek a self-service, spectra solution that gives your organization the ability to defensibly and efficiently reduce the amount of costly human review across your organization’s portfolio. 3. Will the solutions’ pricing model align to your organization’s changing needs? Your organization’s budget requirements are unique and will likely change over time. Look for a solution provider that can change in accord and offer a variety of pricing models to fit your budgetary requirements. Ask prospective providers if they are able to design pricing around your organization’s expectations for utilization. Modern pricing models can be flexible yet predictable to prevent unexpected charges or overages, and ultimately align to your organization’s financial needs.4. Is the solution’s roadmap designed to take your organization into the future? When selecting a self-service, spectra solution it’s easy to focus on your current needs, but it’s equally important to consider what a self-service, spectra solution provider has planned for the future. If a vendor is not forward thinking, an organization may find itself being forced to used outdated technology that’s not able to take on new security challenges or process and review emerging data sources.Pursue a provider that demonstrates the ability to anticipate market trends and design solutions to address them. Ask potential providers to articulate where they see the market moving and what plans they have in place to update their technology and services to reflect what’s new. It can be helpful to question if a provider’s roadmap aligns to your organization’s direction. For example, if you know your company is planning to make a systematic change, like moving to a bring your own device (BYOD) policy or migrating to the cloud, you’ll want to confirm the self-service, spectra solution can support that change. Asking these types of questions before selecting a provider will guarantee the solution you choose will be able to grow with both your organization and the eDiscovery industry as a whole. With awareness and understanding of the true potential offered in a self-service, spectra solution, you can ultimately choose a provider that will help you level up your organization’s eDiscovery program. ediscovery-review; ai-and-analyticsself-service, spectra, blog, ediscovery-review, ai-and-analyticsself-service, spectra; bloglighthouse

When it comes to storing organizational data in the Cloud, a few phrases come to mind: the train has left the station; the ship has sailed; the horse is out of the barn, etc. No matter how you phrase it, the meaning is the same – the world is moving to the Cloud, with or without you. It is no longer an oncoming revolution. The revolution is here and your organization needs to prepare for dealing with data in the Cloud, if it hasn’t already. With that in mind, let’s talk cloud logistics – namely, security and cost.First up to the Plate – Cloud Security You might have heard the analogy circulating in technology forums recently that storing your data within the Cloud is akin to storing data on someone else’s hard drive. Unfortunately, from a security perspective, that’s not quite an accurate analogy (although life would be much easier if it were true).Don’t get me wrong - a significant benefit of moving to the Cloud is that it allows an organization to transfer much of the day-to-day security management to a technology company with the resources and expertise to handle that risk. Thus, if you are moving to a private cloud (i.e., renting data center space for your equipment), you can ease security concerns by ensuring that the hosting company maintains widely recognized security attestations/certifications and has a demonstrated commitment to data center security in accordance with strict vendor management risk processes. And of course, there’s always the reassurance when moving to a public cloud (Microsoft’s Azure or Amazon’s AWS) that you’re entrusting your data to companies with seemingly infinite security resources and expertise. That all certainly helps me sleep better at night.However, working within the Cloud still poses unique internal security challenges that will only amplify any of your existing security weaknesses if you’re not prepared for them. To put it another way: ISO certifications from cloud service providers cannot protect you from yourself. Risk, governance, and compliance teams will need to identify, plan for and adapt to internal security challenges. To do so, be sure to have a change management and review approval process in place (ideally before moving to the Cloud, but if not, as soon as possible once you’ve migrated). Also, ensure that your company has someone on hand (either through a vendor or within your IT staff) with the expertise needed to manage your internal cloud security who can stay abreast of all updates and changes.Next up – CostTo plan for a cloud migration, all stakeholders (including Legal Operations, Finance, DevOps, Security, and IT) should have a seat at the table and a plan in place for scaling up in the Cloud. Each team should understand the plan and process, as well as the role their team plays in controlling cost and risk for the company.Cloud Security and Costs Best PracticesTo plan for security risk in the Cloud, companies should ensure that:All cloud service providers are fully vetted, security certified, and have the requisite posture in place to fully protect your data.Company internal processes are evaluated for security risks and gaps. Have a change management and review approval process in place and ensure that you have the experts on hand to manage your cloud security practices and stay abreast of all updates and changes.To plan for costs, companies should ensure that:All stakeholders (including Legal Operations, Finance, DevOps, Security, and IT) collaborate and have a plan in place for scaling up within the Cloud when needed.Each team understands the plan and process, as well as the role their team plays in controlling cost and risk for the company.data-privacy; information-governancecloud-security, cloud-migration, blog, data-privacy, information-governancecloud-security; cloud-migration; blogmarcelino hoyla

Given the proliferation of data and evolving variety of data sources, in-house counsel teams are beginning to exhaust resources managing increasingly complex case data. self-service, spectra eDiscovery legal technology offers a compelling solution. Consider the impact of inefficiencies faced by in-house counsel, today - from waiting for vendors to load data or provide platform access, to scrambling, to keeping up with advancing technologies, and managing data security risks - it’s a lot. The average in-house counsel team isn’t just dealing with these inefficiencies on large litigations, they’re encountering these issues in even the smallest compliance and internal investigations matters.self-service, spectra solutions offer an opportunity to streamline eDiscovery programs, allowing in-house legal teams to get back to the business of case management and legal counseling. It’s understandable we’re witnessing more and more companies moving to this model.So, once your organization has decided it is ready to step into the future and take advantage of the benefits self-service, spectra eDiscovery solutions have to offer, what’s next? Below, I’ve outlined three best practices for implementing a self-service, spectra eDiscovery solution within your organization. While any organizational change can seem daunting at the outset, keeping the below tips in mind will help your company seamlessly move to a self-service, spectra model.1. Define how you leverage your self-service, spectra eDiscovery solution to scale with ease.One of the key benefits of a quality self-service, spectra solution is that it puts your organization back in the eDiscovery driver’s seat. You decide what cases you will handle internally, with the advantage of having access to an array of eDiscovery expertise and matter management services when needed, even if that need arises in the middle of an ongoing matter. Cloud-based self-service, spectra solutions can readily handle any amount of data, and a quality self-service, spectra solution provider will be able to seamlessly scale up from self-service, spectra to full-service without any interruption to case teams.Having a plan in place regarding how and when you will leverage each of these benefits (i.e. self-service, spectra vs. full-service) will help you manage internal resources and implement a pricing model that fits your organization’s needs.2. Select a pricing model that works for your organization.Every organization’s eDiscovery business is different and self-service, spectra pricing models should reflect that. After determining how your organization will ideally leverage a self-service, spectra platform, decide what pricing model works best for that type of utilization. self-service, spectra solution providers should be able to provide a variety of licensing options to choose from, from an a la cart approach to subscription and transaction models.Prior to communicating with your potential solution provider, define how you plan to leverage a self-service, spectra solution to meet your needs. Then you can consider the type of support you require to balance your caseload with team resources and prepare to talk to providers about whether they can accommodate that pricing. Once you have on-boarded a self-service, spectra solution, be sure to continue to evaluate your pricing model, as the way you use the solution may change over time.3. Discuss moving to a self-service, spectra model with your IT and data security teams .Another benefit of moving to a self-service, spectra model is eliminating the burden of application and infrastructure management. Your in-house teams will be able to move from maintaining (and paying for) a myriad of eDiscovery technologies to a single platform providing all of the capabilities you need without the IT overhead. In effect, moving to a self-service, spectra solution gives your team access to industry-leading eDiscovery technology while removing the cost and hassle of licensing and infrastructure upkeep.A self-service, spectra model also allows you to transfer some of your organization’s data security risk to a solution provider. You gain peace of mind knowing your eDiscovery data and the supporting tech is administered by a dedicated IT and security team in a state-of-the-art IT environment with best-in-class security certifications.Finally, to ensure your organization can realize the full benefit of moving to a self-service, spectra solution, it’s imperative that your IT team has a seat at the table when selecting a solution platform. They can help to ensure that whatever service is selected can be fully and seamlessly integrated into your organization’s systems. Keeping these tips in mind as your organization begins its self-service, spectra journey will help you realize the benefits that a quality self-service, spectra eDiscovery platform can provide. For more in-depth guidance on migrating to self-service, spectra platforms, Brooks Thompson’s blog posts discussing tips for overcoming self-service, spectra objections and building a self-service, spectra business case.ediscovery-review; ai-and-analyticsself-service, spectra, blog, ediscovery-review, ai-and-analyticsself-service, spectra; bloglighthouse

Your team is facing a wall of mounting compliance requirements and internal investigations, as well as a few larger litigations you fear you may not be able to handle given internal resource constraints. Each case involves unwieldy amounts of data to wade through, and that data must be collected from constantly-evolving data sources—from iPhones to Microsoft Teams to Skype chats. You’re working with your IT team to ensure your company’s most sensitive data is protected throughout the course of all those matters.All of this considered, your team is faced with vetting eDiscovery vendors to handle the large litigation matters and ensuring those vendors can effectively protect your company’s data. Simultaneously, you are shouldering the burden of hosting a separate eDiscovery platform for internal investigations with a legal budget that is already stretched thin. Does this sound familiar? Welcome to the life of a modern in-house attorney. Now more than ever, in-house counsel need to identify cost-effective ways to improve the effectiveness and efficiency of their eDiscovery matters and investigations with attention to the security of their company’s data. This is where adopting a cloud-based self-service, spectra eDiscovery platform can help. Below, I’ve outlined how moving to this type of model can ease many of the burdens faced by corporate legal departments.1. The Added Benefit of On-Demand Scalability‍A cloud-based, self-service, spectra platform provides your team the ability to quickly transfer case data into a cutting-edge review platform and access it from any web browser. You’re no longer waiting days for a vendor to take on the task with no insight into when the data will be ready. With a self-service, spectra solution, your team holds the reigns and can make strategic decisions based on what works best for your budget and organization. If your team has the bandwidth to handle smaller internal investigations but needs help handling large litigations, a scalable self-service, spectra model can provide that solution. If you want your team to handle all matters, large and small, but you worry about collecting from unique sources like Microsoft Teams or need help defensibly culling a large amount of data in a particular case, a quality self-service, spectra provider can handle those issues and leave the rest to you. In short, a self-service, spectra solution gives you the ability to control your own fate and leverage the eDiscovery tools and expertise you need, when you need them. 2. Access to the Best eDiscovery Tools – Without the Overhead Costs A robust self-service, spectra eDiscovery solution gives your team access to the industry’s best eDiscovery tools, enabling you to achieve the best outcome on every matter for the most efficient cost. Whether you want to analyze your organization’s entire legal portfolio to see where you can improve review efficiency across matters, or you simply want to leverage the best tools from collection to production, the right solution will deliver. And with a self-service, spectra model, your team will have access to these tools without the burden of infrastructure maintenance or software licensing. A quality self-service, spectra provider will shoulder these costs, as well as the load of continuously evaluating and updating technology. Your team is free to do what it is does best: legal work.3. The Peace of Mind of Reliable Data Security In a self-service, spectra eDiscovery model, your service provider shoulders the data security risk with state-of-the-art infrastructure and dedicated IT and security teams capable of remaining attentive to cybersecurity threats and evolving regulatory standards. This not only allows you to lower your own costs and free up valuable internal IT resources, but also provides something even more valuable than cost savings—the peace of mind that comes with knowing your company’s data is being managed and protected by IT experts.4. Flexible, Predictable Pricing and Lower Overall Costsself-service, spectra pricing models can be designed around your team’s expectations for utilization—meaning you can select a pricing structure that fits your organization’s unique needs. From pay-as-you-go models to a subscription-based approach, self-service, spectra pricing often differs from traditional eDiscovery pricing in that it is clear and predictable. This means you won’t be blindsided at the close of the month with hidden charges or unexpected hourly fees from a law firm or vendor. Add this type of transparent pricing to the fact that you will no longer be shouldering technology costs or paying for vendor services you don’t need, and the result is a significantly lower eDiscovery overhead that can fit within any legal budget. These four benefits can help corporations and in-house counsel teams significantly improve eDiscovery efficiency and reduce costs. For more information on how to move your organization to a self-service, spectra eDiscovery model, be sure to check out our other articles related to the self-service, spectra eDiscovery revolution – including tips for overcoming self-service, spectra objections and building a self-service, spectra business case.ediscovery-review; ai-and-analyticsself-service, spectra, blog, ediscovery-review, ai-and-analyticsself-service, spectra; bloglighthouse

Legal operations change management is one of the biggest challenges that professionals face according to a poll at the most recent CLOC conference. This isn’t surprising given that organizational change management is an often analyzed topic with a plethora of opinions about ways to accomplish it. There is no magic bullet to force a change in your legal department, however, growing your influence across legal operations and your organization can certainly help. Here are five steps to grow that influence and get people to modify their behaviors.Step 1: Get Clear About the Problem & Root CauseWhether you are tired of hearing about the myriad of issues with your contract lifecycle management or e-billing tool or you have been tasked with centralizing outside counsel selection and management, the first step remains the same. You must get clear in your own mind about what it is that you’re trying to change – both the problem complained about and the root cause of said problem. When starting out you should brainstorm and be liberal with your ideas, jot down anything that comes to mind, both problem and potential causes, and then ask others for their thoughts. Getting various opinions will help you to clarify the issue in your own mind. Once you have a page or two of related ideas, review all the notes and come to a final conclusion about the problem you are trying to solve and its root cause. Write this down in a succinct 1-3 sentence statement.Step 2: Create Your HypothesisThis second step also involves brainstorming. Go through the same process as step one by jotting down any ideas to solve your succinct problem statement. Again, you may want to ask a legal operations colleague (or two) for their thoughts. You may also want to observe people completing the task(s) you’re trying to change so that you can come up with some ideas of ways to solve the problem you have identified. For example, if you are targeting changing the matter management tool, you will want to understand the nature of the matters involved, understand what people are using the tool for, and create a hypothesis around the new tool you want to implement. Once you have your list, cull it down to 1-3 potential solutions to test.Step 3: Test Your HypothesisNext, take your 1-3 potential solutions and test them out. The first way to test is to reach out to other legal operations professionals and/or service providers outside your organization to see if the solution has worked for others. Next, if you can, test it out yourself in your organization. This doesn’t necessarily mean you will implement a sample of a new tool, but that you will demoing the tool and get an understanding of what you would need to implement this solution at your organization.Step 4: Create and Deliver Your PitchNow that you are the expert on the problem and have a well thought out solution, you need to convince others. The best way to do that is to tell a story that includes the following:what you saw (the problem);how pervasive the problem is (# of people impacted);the cost of the problem (time/money);the proposed solution;the benefit of this solution;why this solution over the other 2-3 good solutions; and what is needed to implement this solution. Once you have this together, determine who you will have to convince. Start with your boss, any budget owners, and any leaders whose teams will be directly impacted. Before you share the presentation, make sure that you understand what each of these group’s reactions may be so that you can tailor your verbal commentary to address their comments. If you don’t know the attendees’ potential reactions, you should consider doing some due diligence beforehand. The most effective way I have found to do this is to start with your boss. Share the general ideas of your presentation with them and ask them how others will react. If they are not sure, you can start with a peer in legal or another department or have informal conversations with the attendees before the actual presentation. Investing time in these “pre-pitches” will ensure a successful end result. Make sure you incorporate any feedback from these pre-pitches into the ultimate presentation.Step 5: Brag About Your ResultsAfter a successful presentation, procurement, and implementation, don’t forget to share the wins of your project. Specifically, share with the same people you pitched at the outset but also share the results with anyone whose behavior you have already or are still trying to change. Sharing any wins will reinforce the new behaviors you are trying to implement. Tie those wins back to the original presentation and the results you were anticipating. This showing of success (and of credibility of your original pitch) will have a positive impact on your reputation and ability to influence future change. You will develop a reputation for getting positive results and people will be excited to try what you have up your sleeve. legal-operationslegal-ops, blog, legal-operations,legal-ops; bloglighthouse

Co-authored by Hannah Fotsch, Associate, Lathrop GPM; Samuel Butler, Associate, Lathrop GPM; and Casey Van Veen, Vice President Global eDiscovery Solutions, Lighthouse2020 has been an incredibly tough year for many businesses, with companies big and small shuttering at a record pace due to COVID-19 restrictions and significant reductions in customer travel and spending. But there is one surprising business type that many people seem to want to continue to invest in despite the pandemic: the franchise business model.For example, both the U.S. Chamber of Commerce and Business.com recently highlighted franchise-model businesses that were not only surviving the pandemic and associated lockdowns, but thriving. And in fact, one of those thriving franchise business types called out by the authors was franchise consulting businesses (consultants that help match aspiring franchise owners with franchise opportunities). Apparently, the pandemic has actually increased investment interest in franchise opportunities.There may be a few different reasons why people are looking to the franchise business model during an economic downturn. Many franchise businesses have the benefit of a widely known name brand and market presence. Many have the benefit of leveraging a fully baked business model ‚Äì one that has presumably already been proven successful. Many also have more support than solo businesses in a variety of key business development areas, including marketing, advertising, and training. In short, the franchise business model may have more appeal during this economic upheaval than a solo business model because people trust the support it can provide in times of economic trouble.However, there are still several common pitfalls that can drag profits down and slow economic growth, leaving the franchise model just as exposed to failure as a solo business model in this time of economic uncertainty. One of those pitfalls is litigation and internal investigations, and the resulting eDiscovery challenges those two can raise. Not only do businesses operating within a franchise model face the same types of litigation and employee workplace issues that all other businesses face ‚Äì they may also have to deal with added litigation that is unique to the franchisor-franchisee relationship. All of this means increased cost and overhead, especially when it comes to preserving, collecting, reviewing, and producing the required data during the discovery phase.In this article, we discuss the legal eDiscovery challenges and the primary legal issues that we see affecting franchise businesses, large and small. We‚Äôll also provide best-practice tips that can help keep eDiscovery costs down and enable franchise businesses to utilize their advantage and continue to survive and thrive during this trying time.Legal eDiscovery ChallengesThere are four main challenges we see affecting franchise businesses currently: (1) the explosion of data sources; (2) the increased frequency of internal investigations and compliance matters; (3) the lack of a playbook to ensure discovery is managed in a low risk, low-cost manner; and (4) big data challenges.Explosion of Data SourcesWalk through any franchise store, restaurant, or facility today and you will be amazed at the number of devices and systems that must be contemplated in discovery.Fixed systems on property: Video security, card key access, time clock, email, and desktop computersCloud-based systems: Many of the above systems can also be found in the Cloud along with M365 and Google Suite of business documents, email, collaboration tools, and backupsEmployee sources: Personal email, cell phones (video, app chat, texts), iPads, and tabletsCorporate maintained systems: Marketing documents, HR systems, Material Safety Data Sheets (MSDSs), proprietary training, and competitive analysis documentationMoreover, employees at different franchise businesses may often choose to communicate on different platforms, which can exponentially diversify data sources. This amount and variety of sources can pose a myriad of challenges from an eDiscovery perspective.The duty to preserve data begins as soon as litigation is ‚Äúreasonably foreseeable.‚Äù Thus, once an allegation that may lead to litigation surfaces, the clock begins ticking, not only to effectively respond to the allegation but also to ensure that evidentiary data at issue is preserved. And once discovery begins, that preserved data will need to be collected. All of this can present challenges for the ill-prepared: How do you collect data from employees‚Äô personal devices? What are the local state and federal rules regarding the privacy of personal devices? How does collecting the data differ from Apple device vs Android devices? The need to be aware of platforms that create data and the possibilities for collecting that data from them must be addressed before litigation begins, or businesses risk losing data that could be essential to litigation.Key takeaway: Know your data sources as a standard course of business. Make sure that you know where data resides, how it can be accessed, and what can and cannot be collected from data sources.Internal Investigations & Compliance MattersThere has been a drastic increase in internal investigations and compliance matters with franchise clients recently. Hotline and compliance phone line tips, allegations around employee theft, and suspected fraud are on the rise. The key to resolving these types of investigations quickly and cost efficiently is speed. Attorneys and company executives need to know as soon as possible: is there truly an issue, how far does it go, how long has it been happening, how many employees does this effect, and what is the exposure (financially, socially). It is important to develop workflows and tools to help decision-makers and their legal experts sift through the mountains of data quickly.To understand the importance of this, consider this example. A company sales representative leaves the business and does not disclose their next line of work. A tip line reveals they the representative may have left for a competitor. Shortly thereafter, business deals that were executed and even ones in the pipeline suddenly disappear to a competitor. The former employer quickly conducts a forensic investigation on the representative‚Äôs laptop computer. Despite their attempt to hide their activity, the investigation reveals that the representative had downloaded proprietary customer lists, price sheets, and other valuable IP during their last week of employment and had also moved large chunks of confidential information from the company‚Äôs servers to thumb drives and utilized their personal email to store work communications. Without a strategic plan in place laying out how to quickly execute a forensic internal investigation in this type of situation, the company would have lost substantial revenue to a competitor.Companies that are particularly concerned about former employees stealing proprietary information can even go further than creating an effective investigatory and remediation strategy ‚Äì putting a departing employee forensic monitoring program in place can prevent this time of abuse from happening in the first place.Key takeaway: Have a program in place to certify that departing employees leave with only their personal belongings and not proprietary company information.Lack of an eDiscovery PlaybookPlaybooks come in many forms today: user manuals, company directives, cooking instructions, and recipe guides. A successful playbook for the legal department will establish a practical process to follow should a legal or compliance issue arise. Playbooks, like a checklist for a pilot about to fly a plane, ensure that everyone is following a solid process to avoid risk. These documents also prevent rogue players from recreating the wheel and going down potentially expensive rabbit holes.Repetitive litigation situations are particularly well suited for acting according to playbooks, and standardizing the response to these situations helps to ensure the predictability of both outcomes and expenses. For example, these documents can be as granular as necessary but typically include a few key topics such as:The process for responding to a 3rd party subpoena, service, or allegation of wrongdoingThe company‚Äôs systems that are typically subject to discoveryIT contacts that can help gather the information/dataA list of service providers/trusted partners to assistStandard data processing and production specifications (i.e. time zone, global deduplication, single-page TIFF images 400 dpi, text, and metadata fields)Preferred technologies to search, review, and produce documents (i.e. Relativity)Key takeaway: Playbooks can shave days off of the engagement process with outside counsel and data management companies. Having a repeatable process and plan on day one will save time and money as well as reduce risk.Big Data ChallengesFranchisors face issues in litigation that are unique to the industry, from vicarious liability claims involving the actions of franchisees or their employees to the sheer unpredictability that comes from extensive business relationships involving franchisees of a breathtaking range of sophistication. An increase in litigation leads to an increase in data. Even a run-of-the-mill dispute can lead to the need to gather (and potentially review) more than 100,000 documents. Add one or two more small disputes, and the amount of data quickly becomes unmanageable (and expensive).Fortunately, there have been impressive advances in the field of advanced legal analytical and artificial intelligence (AI). These innovative eDiscovery tools can help legal professionals analyze data to quickly identify documents that are not important to the litigation or investigation (thereby eliminating the need to review them), as well find the ‚Äústory‚Äù within a data set. For example, some analytical tools can help identify code words that an employee might have used to cover up nefarious actions, or analyze communications patterns that allow attorneys to identify the bad actors in a given situation. Other tools now have the capability of analyzing all of the company‚Äôs previously collected and attorney-reviewed data, which substantially reduces the need for attorney review in the current matter.All of these tools work to reduce data burden, which in turn reduces costs and increases efficiency.Key takeaway: Take the time to learn what eDiscovery solutions are available on the market today and how you can leverage them before you are faced with a need to use them.To discuss this topic more, please feel free to reach out to me at CVanVeen@lighthouseglobal.com. ediscovery-review; ai-and-analyticscloud, ai-big-data, compliance-and-investigations, ediscovery-process, blog, ediscovery-review, ai-and-analyticscloud; ai-big-data; compliance-and-investigations; ediscovery-process; blogcasey van veen

A recent conversation with a colleague in Lighthouse’s Focus Discovery team resonated with me – we got to chatting about TAR protocols and the evolution of TAR, analytics, and AI. It was only five years ago that people were skeptical of TAR technology and all the discussions revolved around understanding TAR and AI technology. That has shifted to needing to understand how to evaluate the process of your team or of opposing counsel’s production. Although an understanding of TAR technology can help in said task, it does not give you enough to evaluate items like the parity of types of sample documents, the impact of using production data versus one’s own data, and the type of seed documents. That discussion prompted me to grab one of our experts, Tobin Dietrich, to discuss the cliff notes of how one should evaluate a TAR protocol. It is not totally uncommon for lawyers to receive a technology assisted review methodology from producing counsel – especially in government matters but also in civil matters. In the vein of the typical law school course, this blog will teach you how to issue spot if one of those methodologies comes across your desk. Once you’ve spotted the issues, bringing in the experts is the right next step.Issue 1: Clear explanation of technology and process. If the party cannot name the TAR tool or algorithm they used, that is a sign there is an issue. Similarly, if they cannot clearly describe their analytics or AI process, this is a sign they do not understand what they did. Given that the technology was trained by this process, this lack of understanding is an indicator that the output may be flawed.Issue 2: Document selection – how and why. In the early days of TAR, training documents were selected fairly randomly. We have evolved to a place now where people are being choosy about what documents they use for training. This is generally a positive thing but does require you to think about what may be over or under represented in the opposing party’s choice of documents. More specifically, this comes up in 3 ways:Number of documents used for training. A TAR system needs to understand what responsive and non-responsive looks like so it needs to see many examples in each category to approach certainty on its categorization. When using too small a sample, e.g. 100 or 200 documents, this risks causing the TAR system to incorrectly categorize. Although a system can technically build a predictive model from a single document, it will only effectively locate documents that are very similar to the starting document. The reality of a typical document corpus is that it is not so uniform as to rely upon the single document predictive model.Types of seed documents. It is important to use a variety of documents in the training. The goal is to have the inputs represent the conceptual variety in the broader document corpus. Using another party’s production documents, for example, can be very misleading for the system as the vocabulary used by other parties is different, the people are different, and the concepts discussed are very different. This can then lead to incorrect categorization of documents. Production data, specifically, can also add confusion with the presence of Bates or confidentiality stamps. If the types of seed documents/training documents used do not mirror typical types of documents expected from the document corpus, you should be suspicious.Parity of seed document samples. Although you do not need anything approaching the perfect parity of responsive and non-responsive documents, it can be challenging to use 10x the number of non-responsive versus responsive documents. This kind of disparity can distort the TAR model. It can also exacerbate either of the above issues, number, or type of seed documents.Issue 3: How is performance measured? People throw around common TAR metrics like recall and precision without clarifying what they are referring to. You should always be able to tell what population of documents these statistics relate to. Also, don’t skip over precision. People often throw out recall as sufficient, but precision can provide important insight into the quality of model training as well.By starting with these three areas, you should be able to flag some of the more common issues in TAR processes and either avoid them or ask for them to be remedied. ai-and-analytics; ediscovery-reviewanalytics, ai-big-data, tar-predictive-coding, blog, ai-and-analytics, ediscovery-reviewanalytics; ai-big-data; tar-predictive-coding; bloglighthouse

When you’re a kid, you love easy games to learn and play, whether they’re interactive games, board games or card games. One of the first card games many kids learn how to play is “Go Fish.” It’s easy to learn because you simply ask the other player if they have any cards of a certain kind (e.g., “got any Kings?”) – if they do, you collect those cards from them; if they don’t, they say “Go Fish” and you have to draw a card from the deck and your turn ends. Easy, right?Conducting keyword searching without a planned, controlled process that includes testing and verifying the results is somewhat like playing “Go Fish” – you might get lucky and retrieve the documents you need to support your case (without retrieving too many others) and you might not. Yet many lawyers and legal professionals think they “get” keyword searching. Why? Because they learned keyword searching in law school using Westlaw and Lexis? Or they understand how to use “Google” to locate web pages related to their topics? But these examples are designed to identify a single item (or handful of items) related to one topic that you seek.Keyword searching for electronic discovery is about balancing recall and precision to produce a proportional volume of electronically-stored information (ESI) that is responsive to the case, which could be thousands or even millions of responsive documents, depending on the issues of the case.Five Common Keyword Searching MistakesWith that in mind, here are five common mistakes that lawyers and legal professionals make when conducting keyword searches:1. Poor Use of Wildcards: Wildcard characters can be helpful in expanding the scope of the search, but only if you use them well — and understand how they are applied by the search engine you’re using (warning: don’t use Google’s search engine as an exemplar). Poorly placed or ill-advised wildcard character(s) can completely blow up a search. A few years ago, there was a case where one of the goals was to identify documents that related to apps on devices (mobile and PC), so the legal team decided to use a search term “app*” to retrieve words like “app”, “application”, “apps”, etc. Great, right? Not when that same term also retrieves terms like “appear”, “apparent”, “applied”, “appraise”, etc. A better search in this case would have been (app or apps or application*). Make sure to think through word variability and consider word formulations that could be hit by the search. Also consider whether wildcard operators are attached at the appropriate place in the stem of a word so that all of the variants are hit. If not, the search might target too many unrelated words or omit words you want to capture.2. Use of Noise or Stop Words: To keep retrieval responsive even in large databases, most platforms don’t index certain common words that appear regularly (defined as “noise” or “stop” words), yet many legal professionals fail to exclude these noise words in the searches they conduct – yielding unexpected results. Search terms such as “management did” or “counseled out” won’t work if “did” and “out” are noise words that can’t be retrieved. There are typically 100 or more words that are not indexed by a typical platform, so it’s important to understand what they are and plan around them in creating searches that can get you as close as possible to your desired result.3. Starting with Searches That Are Too Broad: Another common mistake is to start with searches that are too broad, assuming that you’ll get a result that will be easy to narrow down through additional search. In fact, you may get a result that makes it nearly impossible to determine what might be causing your search to retrieve unexpected results. Keyword search works best when the hard work has been done up front, either by working with subject matter experts who have provided insight into likely vocabulary used (e.g., shorthand, code words, slang) or via a targeted exploration of the document population. That knowledge, coupled with the effective use of Boolean operators like AND, OR, and NOT, should enable you to craft initial searches that put targeted words in the appropriate context, increasing the likelihood that relevant material will be found at the outset. That result will provide the necessary fodder for developing additional searches that are more precise.4. Failing to Test What’s Retrieved: Many legal professionals create a search, perform that search and then proceed to review without testing the results. Performing a random sample on the results could quickly identify a search that is considerably overbroad and would result in a low prevalence rate of responsive documents, driving up costs for review and production. Testing the result set to ensure the search is properly scoped is well worth the time and effort to take that extra step in terms of potential cost savings. Better to review an extra few hundred documents than an extra hundred thousand documents.5. Failing to Test What’s Not Retrieved: It’s just as important to test the documents that were not retrieved in a search to identify areas that were potentially missed. Not only does a random sample of the “null set” help identify searches that were too narrow in scope, they also are important in addressing defensibility concerns related to your search process if it is challenged by opposing counsel.The ”Go Fish” analogy isn’t an original one – then New York Magistrate Judge Andrew J. Peck used it in his article Search, Forward over nine years ago (October 2011) when he observed that “many counsel still use the “Go Fish” model of keyword search.” If you’re making some of the mistakes listed above, you might be doing so as well. Proper keyword searching is an expert planned and managed process that avoids these mistakes to maximize the proportionality and defensibility of your discovery process. It’s not a kid’s game, so make sure you don’t treat it like one.ediscovery-reviewblog, -keyword-search, ediscovery-review,blog; keyword-searchlighthouse

Legal tech was no match for 2020. Everyone’s least favorite year wreaked havoc on almost every aspect of the industry, from data privacy upheavals to a complete change in the way employees work and collaborate with data.With the shift to a remote work environment by most organizations in the early spring of 2020, we saw an acceleration of the already growing trend of cloud-based collaboration and video-conferencing tools in workplaces. This in turn, means we are seeing an increase in eDiscovery and compliance challenges related to data generated from those tools – challenges, for example, like collecting and preserving modern attachments and chats that generate from tools like Microsoft Teams, as well compliance challenges around regulating employee use of those types of tools.However, while collaboration tools can pose challenges for legal and compliance teams, the use of these types of tools certainly did help employees continue to work and communicate during the pandemic – perhaps even better, in some cases, than when everyone was working from traditional offices. Collaboration tools were extremely helpful, for example, in facilitating communication between legal and IT teams in a remote work environment, which proved increasingly important as the year went on. The irony here is that with all the data challenges these types of tools pose for legal and IT teams, they are increasingly necessary to keep those two departments working together at the same virtual table in a remote environment. With all these new sources and ways to transfer data, no recap of 2020 would be complete without mentioning the drastic changes to data privacy regulations that happened throughout the year. From the passing of new California data privacy laws to the invalidation of the EU-US privacy shield by the Court of Justice of the European Union (CJEU) this past summer, companies and law firms are grappling with an ever-increasing tangle of regional-specific data privacy laws that all come with their own set of severe monetary penalties if violated. How to Prepare for 2021The key-takeaway here, sadly, seems to be that 2020 problems won’t be going away in 2021. The industry is going to continue to rapidly evolve, and organizations will need to be prepared for that.Organizations will need to continue to stay on top of data privacy regulations, as well as understand how their own data (or their client’s data) is stored, transferred, used, and disposed of.Remote working isn’t going to disappear. In fact, most organizations appear to be heading to a “hybrid” model, where employees split time working from home, from the office, and from cafes or other locations. Organizations should prepare for the challenges that may pose within compliance and eDiscovery spaces.Remote working will bring about a change in employee recruiting within the legal tech industry, as employers realize they don’t have to focus talent searches within individual locations. Organizations should balance the flexibility of being able to expand their search for the best talent vs. their need to have employees in the same place at the same time.Prepare for an increase in litigation and a surge in eDiscovery workload as courts open back up and COVID-related litigation makes its way to discovery phases over the next few months.AI and advanced analytics will become increasingly important as data continues to explode. Watch for new advances that can make document review more manageable.With continuing proliferation of data, organizations should focus on their information governance programs to keep data (and costs) in check.To discuss this topic further, please feel free to reach out to me at SMoran@lighthouseglobal.com. ai-and-analytics; ediscovery-review; legal-operationscloud, analytics, emerging-data-sources, data-privacy, ai-big-data, blog, ai-and-analytics, ediscovery-review, legal-operations,cloud; analytics; emerging-data-sources; data-privacy; ai-big-data; blogsarah moran