Law Technology News
ALM Properties, Inc.
Page printed from: Law Technology News

Back to Article

Select 'Print' in your browser menu to print this document.

International committee could standardize e-discovery processes

Evan Koblentz

Law Technology News

2013-02-11 00:00:06.0


Members of the International Standards Organization—a 66-year-old body with 162 member nations, tackling everything from bank transactions to shoe sizes—are forming a new committee to develop standards for e-discovery processes.

The standards, if passed, would define procedures for technology companies, discovery providers and their clients to follow when handling digital data. "This international standard provides guidance on measures, spanning from initial creation of [electronically stored information] through its final disposition, which an organization can undertake to mitigate risk and expense should electronic discovery become an issue," a draft of the committee charter states.

If products and services are certified as ISO-compliant, then a party and their counsel could more easily decide what to purchase, and judges could be sure that electronic data discovery follows uniform methods, explained Hitachi Data Systems' Eric Hibbard, who is co-editor of the project and serves as international representative on a U.S. contingent to the organization.

The proposed e-discovery committee is part of ISO's cybersecurity unit. That's because the unit already standardized aspects of digital forensics such as identification, collection and preservation of electronic evidence, so it has experience in working in legal topics, Hibbard said. Discovery didn't fit into any other ISO groups, he added.

"We're not trying to impose requirements on lawyers or judges. That's not the intention of the activity. It's really intended to help them sort through some of the technology issues that are really nebulous," Hibbard said.

In addition to describing how discovery services and software should operate, the standard would refer to product auditing aspects. It would cite the long-standing ISO 9001 quality control procedures, used by more than 1 million businesses worldwide, according to a recent survey. E-discovery companies could then achieve certification and advertise their products as ISO 9001-compliant. The standard would also relate to the existing ISO forensics work, Hibbard said.

There are 37 corporate members of Hibbard's cybersecurity committee, including Booz Allen & Hamilton Inc., EMC Corp., Hewlett-Packard Co., Microsoft Corp., and Symantec Corp., all with significant presence in e-discovery. Because the committee was not originally formed to cover EDD, the member companies may need to modify their representation to account for its expanded focus. HP and Symantec have the largest EDD involvement, with their ownership of Autonomy and Clearwell Systems, respectively.

Endorsements and concerns

Several e-discovery experts polled by Law Technology News said they support Hibbard's premise, while exhibiting some hesitancy of the unknown.

Tom Barnett, e-discovery practice leader at corporate investigation company Stroz Friedberg, supports the proposed committee. "I think it'll be good for the industry to be able to separate the people who are really serious about process and quality control from the people who aren't," he said. "E-discovery has become a multibillion-dollar industry. But in some ways it still operates as as a startup industry, and standards like these have not been implemented," said Barnett, who is based in Los Angeles. "It's allowed for a wide variety of quality standards—or no standards sometimes."

"E-discovery is not a legal process. It's a technical and engineering problem. You need a standard," Barnett continued. "Because it really is a relatively new industry, a lot of people do things their own way."

Jackson Lewis partner Ralph Losey, of Orlando, Fla., also supports the concept. "I'm all in favor of these quality control standards as things that should be followed by vendors. ... ISO is something that can be imposed on vendors to help make sure we're getting the same thing," he said.

"I find it fascinating," Symantec e-discovery attorney Phil Favro said, in Mountain View, Calif. "I think that anything that can get cross-border standards on e-discovery is a good thing, and that having an international body with collaboration from key players in the industry establishing those standards will go a long way, hopefully, to addressing the misunderstandings that exist between different countries."

"ISO, let's face it, they're setting the standards across the board," Favro said. "I don't see this as anything but a value-add."

At HP, in Palo Alto, Calif., standards specialist Eva Kuiper was enthusiastic. "[It] is good for the industry overall to be discussing a global ISO standard on the technical aspects of e-discovery. HP will be reviewing the standard and providing comments as it progresses," she said.

Yet many supporters hedge their bets. Losey, who writes the e-Discovery Team blog, said a standard is useful if Hibbard's team avoids areas of law: "I'm very much a believer in engineering and technology people working with lawyers," he said. But, he quipped, "I do not want to have Captain Kirk in the engineering room, and I do not want Scotty running the bridge."

Barnett noted that a standard could become too wide to manage, and Favro observed potential overlap with existing work from the Sedona Conference think tank.

Concerns and next steps

Industry consultants George Socha, known for his work on the Electronic Discovery Reference Model, and Karl Schieneman, of Review Less, both agreed that a standard could help, yet wondered aloud if it's ahead of its time.

"Our field would benefit from well-designed standards, as the status quo is far from sufficient. That said, e-discovery is a rapidly changing space—and we are talking about litigation, which by definition involves adversaries," said Socha, based in St. Paul, Minn. "That means, I suspect, that no one is going to be able to come up with any comprehensive e-discovery standards in the near future whose use will ensure that a litigant will be able to successfully argue, 'We used XYZ-standard vendor, so there's nothing to argue about,'" he said.

Socha continued, "If the approaches used to develop ISO standards help improve the quality of work performed under the broad umbrella of e-discovery then that should be a positive thing. Just as no one person or organization has the exclusive franchise for thought-leadership in the e-discovery space, no one standard-setting body has that franchise when it comes to efforts to develop standards for the e-discovery arena. Rather, I suspect that what will be the most beneficial for the largest number of e-discovery consumers and providers would be an approach whereby multiple standard-setting bodies were able to work together toward a common goal."

Schieneman had a similar response. "Obviously international e-discovery is a growing problem. But the tension with standardizing processes requires you to know which processes you want to standardize. You need to know what works. The big issue right now is experimentation," he said, in Pittsburgh. "Predictive coding, cloud computing, bring-your-own-device, social networking—there are lots of problems that are out there. These data forms keep changing," noted Schieneman. "So I think having an international committee is not a bad thing to try to deal with these issues, but the bigger challenge is trying different approaches to figure out what works."

Differences of opinion aside, ISO delegations from dozens of countries Wednesday are voting on whether to make Hibbard's new committee official. That appears to be a formality. Only five affirmative votes are required for a project to advance from its consideration stage into formalization. In addition to support from the American delegation—where anyone can participate and officially comment via an established committee called INCITS—delegations from Italy, Japan, South Africa and the U.K. already indicated their support, Hibbard explained. Assuming the ballot passes, Hibbard said he and U.K.-based forensic scientist Angus Marshall will be appointed as project managers, probably by late May. A draft report would be due in July and comments would be requested by August.

Hibbard, based in Santa Clara, Calif., said he welcomes EDRM and Sedona Conference participation in the project. Hibbard and Losey shared a panel discussion in January at the American Bar Association E-Discovery and Information Governance National Institute, in Tampa, Fla., where they were joined by Jason R. Baron, director of litigation at the U.S. National Archives. Baron in June 2012 proposed the formation of a similar quality control standard but without the process aspects. His project, unrelated to Hibbard's, does not yet have formal support from any standards body. Baron, in an interview at LegalTech New York this month, said he personally supports the ISO 9001 aspect of Hibbard's plan and he hopes to form his own committee by this spring.

"I'd like to think that the e-discovery industry is maturing enough in terms of its capability maturity model, especially in the vendor space, to allow for the development of standards that govern what we do," Baron said. "There was a lively discussion [in Tampa] about whether we are ready for that kind of standard. While I moderated a panel, I am more strongly aligned at this moment with a more modest proposal in the 9001 space," he said.

Hibbard and Baron share a common goal. "My dream remains that, to lower the cost of litigation, we have judges who are willing to bring parties together," Baron said. "What about, 'Hey guys, why don't you cooperate by picking from a small group ... who you know have fulfilled the requirements of an audit,'" he said. "It's a path forward for eliminating the risk of ancillary litigation over discovery."

Evan Koblentz writes for Law Technology News, a Daily Report affilate.