We understand that the EDRM is not always a perfectly linear process and we are here to assist in as much or as little of the process as required.


The Gillware e-discovery consultant team can provide support in all stages of the Electronic Discovery Reference Model.

Electronic Discovery Reference Model

e-Discovery Process

Thorough and complete data mapping, IT and custodian interviews, and data type inventorying can lead to shorter discovery time, lower discovery costs, reduced legal risks, and more favorable decisions and litigation outcomes.

E-Discovery Identification

In E-Discovery, identification is identifying potential sources of relevant ESI including custodial and non-custodial ESI. Identification is arguably the most important part of the E-Discovery process. Thorough and complete data mapping, IT and custodian interviews, and data type inventorying can lead to shorter discovery time, lower discovery costs, reduced legal risks, and more favorable decisions and litigation outcomes.

Gillware E-Discovery Identification Services

  • Meet and Confer Conference Consulting (FRCP Rule 26(f))
    • Preparation of initial disclosures per FRCP Rule 26(a)(1)
    • Create and complete and accurate discovery to avoid data spoliation and potential sanctions.
    • Consultation on potential physical and proportionality challenges related to discovery
    • We can assist with data mapping, FRCP Rule 26 Meet and Confer consultation, Inventorying potential sources of your own ESI or the other sides ESI, verification of third party produced data maps and ESI inventories, cost analysis for cost shifting and proportionality as it related to FRCP 26(b)(1).

    Potential Sources of ESI are constantly changing and are different for every case, but they may include:

    • Communications
      • Locally Stored Emails on Computers, Smart Phones, and Tablets (Outlook PST, Outlook OST, MSG, EML)
      • Server Stored Emails (Microsoft Exchange, Office 365, Gmail, and thousands of other hosting providers)
      • Business Chat Applications (Skype, Slack, Microsoft Lync, HipChat, Facebook at Work, Gmail Chat, Google Hangouts, Salesforce Chatter, and many more)
      • Videoconferencing Systems (Skype for Business, GoToMeeting, Zoom, Join.me, Cisco WebEx, Google Hangouts)
      • Text Messages (SMS, MMS, iMessage)
      • Phone Calls (VOIP, Mobile, Land Line)
      • Voicemails (locally stored, stored on phones, attached as emails, saved to VOIP servers)
    • Local Network Resources
      • File Shares
      • Network Storage (NAS, File Servers)
      • DNS Name Servers
      • VPN Servers
      • Database Servers/Application Servers (Microsoft SQL, Oracle, MySQL, Postgress, MongoDB, CouchDB)
    • Cloud Services
      • File shares (Office 365, DropBox, Google Drive, One Drive, Box, iCLoud, Amazon Drive)
      • Salesforce
      • Cloud Service Providers (Amazon Web Services AWS, Microsoft Azure, Rackspace)
    • Local Files
    • Removable Devices
    • Data Backup Systems
      • Local and cloud based file backup systems
      • Cloud based backup systems (Barracuda, Carbonite, Acronis, etc.)
      • Tape Backups
    E-Discovery Preservation

    Immediately after identification of ESI, a preservation plan needs to be created and executed to avoid spoliation of the data. When a party is sanctioned for e-discovery practices, it is most often due to failure to preserve ESI. The key to preservation is creating a thorough and defensible plan that allows all ESI to be preserved without excessive downtime or burden for the organization involved.

    Gillware Preservation Services

  • Creation of Preservation Plan
  • Verification of preservation order compliance
  • Preservation by Collection
  • Documentation of Preservation
  • Preservation Strategies

    • Custodian Self-Preservation
      • Issue legal holds/litigation holds/letters of preservation to all custodian’s
      • Relies on the custodian’s ability to preserve their own data.
      • ISSUES OF DEFENSIBILITY
    • Videoconferencing Systems (Skype for Business, GoToMeeting, Zoom, Join.me, Cisco WebEx, Google Hangouts)
      • Preservation by Collection – copying data/metadata/cloud data right after it is identified as potentially relevant in the identification phase.
        • Should delete any data that does not end up needing to preserved.
          • Pros: Protects all ESI regardless of custodial/user action
          • Cons: More upfront cost, but can save time and money later
      • In-Place Preservation – Many server and cloud based email and file storage systems have in place preservation features which allow IT staff to lock specific mailboxes and data.
        • Pros: Protects all ESI regardless of custodial/user action. Easy to implement.
        • Cons: Can cause business interruptions. Largely not an option for devices, such as, computers, mobile phones, tablets and external storage.
    E-Discovery Collection

    E-discovery collection is the process of acquiring the data that was identified and preserved in previous stages of the e-discovery process. ESI and associated metadata needs to be collected in a way that does not modify the data at all. The collection process needs to be legally defensible. Collection may identify other data which was not exposed in the identification stage and will need to be preserved and therefore expand the scope of the ESI.

    Depending on the type of system, collection can become complicated. Even in the easiest collection situations, care needs to be taken to collect the data in a way that does not alter the file and collects the file system metadata (data about the file that is not contained in the file itself). In more complicated situations, such as, collection from a Microsoft Exchange email database, cloud applications, or VOIP systems, advanced software tools may need to be used or even created to collect the data in a defensible, efficient, and targeted manner without interrupting business operations.

    Gillware can consult on the creation and execution of a collection strategy including reporting. We are happy to assist with collection from any source of ESI regardless of the size

    Here are some of the data sources we collect from:

    Communications

    • Locally Stored Emails on Computers, Smart Phones, and Tablets (Outlook PST, Outlook OST, MSG, EML)
    • Server Stored Emails (Microsoft Exchange, Office 365, Gmail, and thousands of other hosting providers)
    • Business Chat Applications (Skype, Slack, Microsoft Lync, HipChat, Facebook at Work, Gmail Chat, Google Hangouts, Salesforce Chatter, and many more)
    • Videoconferencing Systems (Skype for Business, GoToMeeting, Zoom, Join.me, Cisco WebEx, Google Hangouts)
    • Text Messages (SMS, MMS, iMessage, WhatsApp, etc.)
    • Phone Calls (VOIP, Mobile, Land Line)
    • Voicemails (locally stored, stored on phones, attached as emails, saved to VOIP servers)

    Local Network Resources

    • File Shares
    • Network Storage (NAS, File Servers)
    • DNS Name Servers
    • VPN Servers
    • Database Servers/Application Servers (Microsoft SQL, Oracle, MySQL, Postgress, MongoDB, CouchDB)

    Cloud Services

    • File shares (Office 365, DropBox, Google Drive, One Drive, Box, iCLoud, Amazon Drive)
    • Salesforce
    • Cloud Service Providers (Amazon Web Services AWS, Microsoft Azure, Rackspace)

    Local Files

    • Email Files (pst, ost, eml, msg, edb)
    • Office Documents (pdf, docx, doc, xlsx, xls, pptx, ppt, etc.)
    • Image Files (jpg, tiff, gif, raw, etc.)
    • Video Files (mov, mp4, avi, wmv, etc.)
    • Local Application Files

    Removable Devices

    • External Hard Drives
    • USB Thumb Drives (Flash Drives)
    • CDs/DVDs
    • Floppy Disks
    • Zip Disks

    Data Backup Systems

    • Local and cloud based file backup systems
    • Cloud based backup systems (Barracuda, Carbonite, Acronis, etc.)
    • Tape Backups
      • Pros: Protects all ESI regardless of custodial/user action. Easy to implement.
      • Cons: Can cause business interruptions. Largely not an option for devices, such as, computers, mobile phones, tablets and external storage.
    E-Discovery Processing

    After the ESI is collected and before the ESI is reviewed, the data needs to be processed. After collection, data is stored in many different types of data sources, such as, full disk images, database dumps, archive files, system backups, image files, encrypted data, and many more. The processing phase converts all this data into a standard format while retaining all the data and metadata. Additionally, the content is sorted and made searchable to facilitate filtering. Accurate processing of the ESI can greatly reduce review time. Conversely, if ESI is not processed properly there can be too much data left to review, or worse, data that should have been reviewed can be missed.

    E-Discovery Review

    The review stage is where the data is looked at, typically with technology assisted review (TAR) tools. Data is reviewed to identify responsive documents to produce and privileged data to withhold. Review can be a daunting task with many terabytes of data. Fortunately, with advances in technology, much of the review phase can be accomplished by technology. At Gillware, we can use a combination of existing tools and software tools developed specifically for your situation. These tools allow for review to be completed more quickly without sacrificing accuracy.

    E-Discovery Analysis

    Although the analysis phase appears in a specific location in the EDRM model, it is used in every stage of E-Discovery. Complete analysis tools, techniques and knowledge is necessary to perform defensible and accurate E-Discovery.

    • Analysis of
      • Potential ESI Sources and Custodians
      • Automated tasks that may corrupt ESI under preservation
      • Collection techniques and collection results
      • File System Metadata
      • File contents
      • Privileged information
      • Confidential information/data
      • Production Strategies
      • Production Results to ensure no privileged or confidential information is being shared
    E-Discovery Production

    The ESI identified as responsive in the review stage needs to be produced to apposing legal counsel in a way that is compliant to the agreed upon production terms. Due to the many different forms ESI can be in, standard legal production methods can be inadequate. In accordance with Rule 26(f) of the Federal Rules of Civil Procedure, the form of production will have already been agreed upon. FRCP rule 34(b)(1)(E)(ii) states “if a request does not specify a form for producing ESI, a party must produce it in a form or forms in which it is ordinarily maintained or in a reasonably usable form or forms”. Depending on the type of ESI, defensible production can save time and money.

    Formats of Production Include

    • Native – Files are produced in their native format. i.e. Office documents are returned as .docx files
      • Pros
      • Cheapest form of production because there are no processing costs
      • Fastest form of production because there is no processing time
      • Cons
      • Cannot redact
      • Exposes files to accidental alteration and manipulation
      • Can contain hidden metadata
      • Client may not have proper software license to access files
      • Cannot tag/brand/number individual pages
    • Near-Native – Files are produced in a format that closely resembles their original native format. For example, taking an Exchange database and producing it as individual EML files
      • Pros
      • Data files are more likely to be in an easily reviewable format
      • No image conversion cost or time
      • Cons
      • Cannot Redact
      • Exposes files to accidental alteration and manipulation
      • Cannot tag/brand/number individual pages
    • Image (Near-Paper) – Files are converted to images, typically TIFF or PDF files
      • Pros
        • Can individually tag/brand/number pages
        • Can redact
        • Standard file formats for review
        • Cons
          • Cost of image conversion
          • Image conversion takes time
          • Certain files are not possible to represent as images
          • Data may be lost in the conversion, such as, Excel formulas, Certain elements of Office documents.
      • Paper Format – ESI is produced on paper. This is similar to image format in terms of pros and cons but review and processing can be more difficult. Paper format is almost never the only form of production.
      • Load Files – Load files are large files that contain all elements for review. Depending on the type of litigation assisting software, different load file types are used. Regardless of the type of production, native, near-native, or image, load files can be a convenient and sometimes required way to produce data.

    INTERESTED?
    GET A FREECONSULTATION

    Free Consultation