February 14, 2019 Articles

No Stone Unturned: Targeting Unknown or Unique Data Sources During Discovery

It can be difficult to predict where a company’s most relevant information lives.

By Thomas J. Gersey and Derek M. Duarte

You’ve filed an action alleging unfair business practices against a new competitor. Initial discovery requests should be easy—email communications, spreadsheets, marketing materials. But in a world of cloud applications and an abundance of Software as a Service (SaaS) options, it can be difficult to predict where a company’s most relevant information lives.

Without an effective discovery plan, an attorney is left choosing between two equally problematic options: (1) attempt to include every conceivable data source and run the risk of missing an important resource or (2) prepare overly broad requests and subject oneself to objections or data dumps. Depending on the choice, you may run the risk of an insufficient request for production, or you may create an unnecessary review burden and expense for your client. In the digital age, an attorney needs a discovery plan that is efficient and specific while identifying relevant data from a blind target. 

Beyond the Obvious

We’ve reached a point where the standard data targets are easy for most attorneys to identify. Typical requests for production will invariably call for production from email systems, both local (Outlook, Apple mail) and cloud-based (Gmail, Office 365); any shared data (network folders, ShareFile); customer relationship management (CRM) data (Salesforce, Zoho, Netsuite); chat platforms (Hangouts, Slack, HipChat); ticketing systems (Freshdesk, Zendesk); and loose files from custodian devices.

But for every obvious target, there are an infinite number of business products that a company may be using that may be too new to know about or that may be so niche and specific to its business that they are foreign to anyone not in that industry. The best thing that an attorney can do to be prepared is to be knowledgeable about e-discovery and the potential data sources that they may confront, but that isn’t always practical.

Discovery Conference

Luckily, the amended Federal Rules of Civil Procedure (FRCP) are designed to facilitate attorneys’ efforts to flush out their adversaries’ most relevant data sources, no matter how unique. The most obvious and effective way to identify a party’s data sources is to simply ask what they are. Rule 16 requires early and active case management and expands the topics that may be addressed in pretrial conference, specifically calling on counsel to hold a discovery conference. This conference is an opportunity to discuss the specific data sources that a party is using—information that can be dissected later with an e-discovery expert to determine which data sources should be targeted in requests for production (RFPs).

Key to an effective discovery conference is counsel knowing the type of data that will be most relevant to their argument. For example, if engaged in litigation over a noncompete agreement, sales processes and records will be key. The requesting party will need to identify the defendant’s CRM tool(s), lead-tracking tool(s), accounting software, and any other relevant data source that tracks the sales process.

RFPs and Interrogatories

If an opposing party is not sufficiently forthcoming in conference, counsel can still identify relevant data sources by creating RFPs dependent on parallel special interrogatories. The most effective method is to apply a three-pronged approach:

  1. Identify the specific kind of data that you are seeking, and request the name and description of the data store where that information would reside.
    Example: “Identify and describe the CRM or sales lead management system(s) used to manage leads, accounts, and contacts.”
  2. Request a description of how the data is stored, including format, language, physical locus, and available metadata.
    Example: “Identify and describe the metadata that is stored for each account or client in the CRM or sales lead management system(s) identified above.”
  3. Request a description of the entire process for memorializing the relevant information as it may lead to the identification of additional relevant data sources not previously contemplated.
    Example: “Identify and describe the process for inputting new sales accounts and leads into the CRM or sales lead management system(s), including but not limited to manual data entry, web-based data transfer, direct integration, or file upload.”

Interrogatories should be prepared in conjunction with RFPs, where the requests tie directly to the responses to the interrogatories. For example, a sample RFP might be as follows: “Produce any and all documents that refer or relate to accounts created or modified in the CRM or sales management tool identified by Defendant in Interrogatory No. 1.” Nothing is more defensible than specificity, and focusing requests in this manner will limit objections and provide a more manageable volume of data.

Expert Consultation

That being said, it may be prudent in certain cases to await the responses to the special interrogatories and consult with a computer forensic or e-discovery expert to ensure the following:

  1. Responses map to existing systems and are of sufficient specificity.
  2. Production format ensures the production of relevant metadata through native file production or a load file containing responsive metadata.
  3. The data is delivered in a way that will facilitate efficient and cost-effective review.

For example, assume that you have determined a likelihood that relevant communications or documents will exist in a defendant’s Slack chats. A simple request for the production of “all Slack communications” may result in the production of the data in its native format—in this case a .json file, which is best read as a large text document and would be incredibly difficult to review. Worse yet, the producing party could create a TIFF of the JSON file if it is using commonly utilized production specifications, which would prohibit any meaningful review of the data. Knowing this in advance will allow an attorney to set the parameters for how that data should be produced or, in the alternative, will assist counsel in preparing a proper budget where the conversion of data produced by the opposing party is required.

Conclusion

In the end, the key is this: Don’t guess! Absent an up-to-date, complete encyclopedia of all possible data sources available, attempts to blindly identify your opponent’s relevant data sources is a fool’s errand. Modern attorneys need to use the ideals of cooperation and efficiency, which are the foundation of the amended FRCP, as authority to compel their opponents to provide relevant and accurate information about how their data is stored. The extra effort and attention to detail will help ensure that your requests are specific, avoid objection, and limit your opponent’s ability to burden you and your client with large volumes of unusable or irrelevant data.

Thomas J. Gersey is a vice president and general counsel and Derek M. Duarte is the president of BlackStone Discovery in San Francisco, California.


Copyright © 2019, American Bar Association. All rights reserved. This information or any portion thereof may not be copied or disseminated in any form or by any means or downloaded or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The views expressed in this article are those of the author(s) and do not necessarily reflect the positions or policies of the American Bar Association, the Section of Litigation, this committee, or the employer(s) of the author(s).