The Perfect Storm: eDiscovery and Cloud Service Providers

The market for Cloud Service Providers (CSPs) is very sunny.  Forrester Research predicted in a research report published earlier this year titled, “Sizing the Cloud” that the global cloud computing market would reach $241 billion in 2020 compared to $40.7 in 2010.  And, Gartner Predicts that the eDiscovery market will reach $1.5 Billion by 2013.  However, based upon the research that I have completed over the past sixty (60) days, Cloud Service Providers (CSPs) and their clients are ignoring eDiscovery as an important component of a standard cloud service offering.

I have some theories in regards to why this is the case:

CSPs DON'T UNDERSTAND eDISCOVERY
Over the pat five (5) years Cloud Service Providers (CSPs) have been busy focusing on their core offerings of Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS), honing their value propositions and trying to figure out how to differentiate themselves from the pack.  Overwhelmed with the rudimentary issues of what to offer and how to make a profit , eDiscovery has not been a requirement that has reached the road map of any CSPs that I have interviewed.

Most of the reasons behind this is the fact that eDiscovery is actually a "latent pain" that the CSP's clients and prospects are not asking for (I will cover this in more detail in the next section).  However, part of the reason may be just plain semantics.  I have found that when you ask a CSP business development executive if their clients are asking about eDiscovery, the answer will be no.  However, if you change the question and ask if their clients are asking about information governance, compliance, business analytics or something even simpler like universal or federated search, the answer may be yes.  This subtle difference is confusing to most in the eDiscovery market and therefore it is no wonder that it is very confusing to the CSP market.As In indicated in my Blog post on September 15, 2011,titled, "Evolving from Information Governance to eDiscovery", I believe that eDiscovery is actually part of a larger market called information governance (IG).  And, as Sunil Soares, the Director of Information Governance within the IBM Software Group indicated in a blog post on April 11, 2011 titled, Why Information Governance is a Market, Not Just a Process, “information governance is like the blind man and the elephant. Depending on which part of the elephant you touch, people define information governance to include master data management, data stewardship, data quality management, metadata management, business glossaries, information lifecycle management and security and privacy.” 

I would actually include several other components as integral parts of IG in pursuit of my premise that if Gartner predicts that the eDiscovery market is going to reach $1.5 Billion by 2013, the information governance market is going to be many times this size.  Or, in other words, more than likely the largest  software and services market on the planet in the next five (5) years (Note that HP paid $11 Billion for Autonomy to play in the IG Market).

So, maybe CSPs need to think of eDiscovery as Information Governance and concentrate on the fact that information governance is potentially the single biggest market on the planet in the coming years?

CSP CLIENTS DON'T UNDERSTAND eDISCOVERY
Another interesting fact emerged from my recent study on eDiscovery in the CSP market.  It appears that most CSP enterprise clients don't understand eDiscovery.  Come to find out, a very high percentage of the standard CSP client base are actually "renegade" business units with global 2000 enterprises that were unhappy being held hostage by their IT organizations and decided to outsource their information management to a CSP.  Unless the business unit in question is the legal department (which is highly unlikely), the stakeholders within these units have no idea what eDiscovery or information governance is or would they know to even ask their CSP if it can be supported if the need were to present itself.

After further investigation into this market dynamic, the story actually gets even more interesting.  If one of these global 2000 enterprises is sued and is presented with a request to produce information (ESI) or some governance regulatory entity asks for proof of compliance, the request is normally handled by the General Counsel (GC) and legal department.  More than likely the first place the GC will go is to the IT department asking for its help in producing the requested data (Please note that most global 2000 enterprises are now relatively adept at the process of internal eDiscovery).  However, the GC may not even know to ask about the data (ESI) from the renegade business unit and if they do, the renegade business unit is not going to know how to comply with the request and their IT department is probably not going to help since they are no at all happy that they went to a CSP for IT services in the first place.  Given all of this, the business unit executives or the GC may call the CSP and ask for help.  However, since the CSP doesn't really understand eDiscovery, they aren't going to be much help.  Basically, at this point the entire eDiscvoery process can get pretty ugly.  The GC is under a legal obligation to respond (i.e. Federal Rules of Civil Procedure) under a fairly limited time frame with financial and other sanctions are real possibilities for non-compliance with the request.

THE PERFECT STORMSo, unfortunately, what I have determined to be the current status in the Cloud Service Provider (CSP) market is the perfect storm of neither the CSP or the CSP's client base understanding the need for eDiscovery.  However, there are solutions and there is hope.

THE ROADMAP FOR SUCCESS FOR CSPs
The roadmap to success for the CSPs is actually not that complicated.  CSPs need to get serious about providing eDiscovery and/or information governance as a component or their standard offering.

In a January 8, 2012 blog post titled, "Cloud Computing Architecture and eDiscovey", I stated that "It is within the Platform-as-a-Service (PaaS) layer where eDiscovery services belong.  In fact, this may be a good time to coin the term eDiscovery-as-a-Service (eDaaS)... And, since providing eDaaS as a standard option for any PaaS offering makes so much sense and could provide a first mover and key competitive advance for Cloud Service Providers (CSPs), I predict that we will see several eDaaS offerings before the end of 2012.  And, I also predict that once the eDaaS offerings hit the market, the legacy eDiscovery platform providers will be forced to re-evaluate the value propositions of their non eDaaS offerings in the cloud."

CSPs can contact me at cskamser@ediscoverysolutionsgroup.com for additional insight on which technology vendors currently have or are about to announce eDaaS offerings.

THE ROADMAP FOR SUCCESS FOR CSP CLIENTS
The roadmap to success for the CSP clients is also actually not that complicated.  First of all, enterprise business unit stakeholders need to add eDiscovery and Information Governance to  their list of requirements for the CSPs.  And, they need to seek out and collaborate with their legal and IT departments in regards to a plan to follow when an eDiscovery and/or compliance event occurs.  It just make sense and its not complicated.

Enterprise stakeholders that are contemplating or already working with a CSP can contact me at cskamser@ediscoverysolutionsgroup.com for additional insight on what to expect from their CSP and what best practices to follow when an eDiscovery and/or compliance event occurs.

CONCLUSION
Both the cloud and the eDiscovery / Information Governance trains have left the station and therefore it is no longer an option for either Cloud Service Providers or their clients to ignore the legal requirements and business benefits.  The current practices to address the issues of eDiscovery or Information Governance are ugly at best.  However, the roadmap for success is not that complicated.  And, the rewards for both the CSP and their clients is well worth the investment.

The Dangers of Do-It-Yourself eDiscovery: A Warning to Lawyers and Business Leaders.

The goal of eDiscovery is to acquire relevant electronically stored information (ESI) and admit relevant and useful ESI into evidence. While ESI may be used for other purposes, such depositions or settlement negotiations, if the ESI is not gathered properly, it will not be admissible into evidence. Such a result would waste both the time and cost expended to obtain the ESI. Lawyers should not gather ESI personally and the person who does the collection should be qualified to do such work. Otherwise, the ESI may not be admissible and significant damage may be done to a party’s case.

The Lawyer as a Witness. Lawyers who gather ESI directly face several dilemmas and dangers. One of the largest concerns is the lawyer becoming a witness in the case. American Bar Association Model Rule of Professional Conduct 3.7 prohibits the lawyer from acting as the lawyer in the case and being a necessary witness. Rule 3.7 states:

(a) A lawyer shall not act as advocate at a trial in which the lawyer is likely to be a necessary witness unless:
(1) the testimony relates to an uncontested issue;
(2) the testimony relates to the nature and value of legal services rendered in the case; or
(3) disqualification of the lawyer would work substantial hardship on the client.

(b) A lawyer may act as advocate in a trial in which another lawyer in the lawyer's firm is likely to be called as a witness unless precluded from doing so by Rule 1.7 or Rule 1.9.

The comment 2 to Rule 3.7 states:
The tribunal has proper objection when the trier of fact may be confused or misled by a lawyer serving as both advocate and witness. The opposing party has proper objection where the combination of roles may prejudice that party's rights in the litigation. A witness is required to testify on the basis of personal knowledge, while an advocate is expected to explain and comment on evidence given by others. It may not be clear whether a statement by an advocate-witness should be taken as proof or as an analysis of the proof.

In the D.C. Bar in Ethics Opinion No. 228 expanded upon the purpose of this rule:

Beyond the confusion that this combination of roles might create, the rule is justified on at least three other bases: (1) it is necessary to prevent the possibility that, in addressing the jury, the lawyer will appear to vouch for his own credibility; (2) it will prevent the difficult situation that occurs when an opposing counsel must cross-examine a lawyer-adversary and seek to impeach his credibility; and (3) the rule also will prevent the implication that the testifying lawyer is distorting the truth for his/her client’s benefit.

Citing Culebras Enterprises Corp. v. Rivera-Rios, 846 F.2d 94, 99 (1st Cir. 1988), citing Bottaro v. Hatton Associates, 680 F.2d 895, 897 (2d Cir. 1982); International Electronics v. Flanzer, 527 F.2d 1288, 1294 (2d Cir. 1975); MacArthur v. Bank of New York, 524 F. Supp. 1205, 1208 (S.D.N.Y. 1981).

Authentication of ESI. Any person who gathers ESI must be able to authenticate and lay a foundation for that ESI. “Authentication” simply means that the person called to admit the ESI must prove that the ESI is what he or she claims it is. That person must be able to lay a foundation for the ESI.

To authenticate the evidence, the person called to testify may need to establish the following, depending upon what is sought to be introduced and the issues raised:

How the ESI was gathered.
Where the ESI was stored.
Who had access to it.
Establish the chain-of-custody
Whether other ESI was also located.
Whether a thorough search was conducted.
Whether the ESI sought to be introduced was altered from its original state.
Other essential details.

Who should be entrusted with the responsibility to gather the ESI? Who should take the witness stand to testify at trial? Certainly, the law firm’s paralegal, secretary and investigator should not conduct the ESI search unless that individual is qualified to establish the above-listed details and will lay the appropriate foundation for introduction of the ESI.

When gathering evidence it is usually not clear whether the evidence will be challenged when the party seeks to introduce it. Thus, the evidence should be gathered in a thoughtful manner that will withstand future challenges.

If ESI is gathered improperly and a party is unable to lay an appropriate foundation to authenticate the ESI, that evidence will not be admitted into evidence. This could be devastating to the case, depending on how critical the ESI was.

Just as experts are hired to provide opinions and establish essential facts, experts should be used to gather ESI. Ideally, the expert will have both technical are needed to search for, gather and introduce ESI.

The person who gathers ESI should also be a good witness. Parties must generally take witnesses as they come. There is very little control over who witnessed particular facts. However, when gathering evidence, parties are given the opportunity to select the witness. So, there should be some assurance that the person who gathers ESI will be a competent witness who can be depended upon. This witness may end up being the critical witness in the case.

Do-It-Yourself eDiscovery Software Tools. Some eDiscovery software tools are marketed directly to lawyers and this is clearly a terrible idea. A lawyer should not gather ESI if he wants to remain the attorney in the case or introduce the ESI into evidence. If the lawyer chooses to gather ESI, he may even be committing malpractice. Do-it-yourself software tools were intended to reduce the cost of eDiscovery and place direct control over the ESI in the hands of lawyers and business leaders. However, they may have unintended consequences.

The lawyer cannot use these tools to gather ESI or she may be disqualified as the lawyer in the case. Only a person qualified to testify at trial should use these tools to gather ESI. Ideally, this person would be an expert.
Thought must be given to who and how ESI should be gathered before it is obtained. A little bit of caution early will be rewarded later.

Cloud Computing Architecture and eDiscovery

Cloud computing is now the defacto Information Management (IT) architecture that enterprises are either already utilizing or have plans to utilize in the near future. The goal of this Blog post is to provide an overview of cloud computing, it's effect on the practice of eDiscovery and what eDiscovery in the cloud really means.

From a pure conceptual standpoint, cloud computing is actually a marketing term for technologies that provide computation, software, data access, and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services.  From an end user standpoint, conceptually not having to worry about where your data is located is a tremendous benefit.  However, from an eDiscovery collection perspective, conceptually not knowing where data may be located could prove to be an issue or at the very least a concern.

Cloud comping is also a delivery model for IT services based on Internet protocols, and it typically involves provisioning of dynamically scalable and often virtualized resources.  It is a natural byproduct and consequence of the ease-of-access to remote computing sites provided by the Internet. This may take the form of web-based tools or applications that users can access and use through a web browser as if the programs were installed locally on their own computers.  Saleforce.com is the best known example of this type of application of cloud computing.  There are also several eDiscovery vendors that now offer a web-based option and most, if not all of the remaining vendors will be doing so in 2012.

At the foundation of cloud computing is the broader concept of infrastructure convergence, consisting of services delivered through shared data centers, which appear to users as a single point of access for their computing needs. This type of data center environment allows enterprises to get their applications up and running faster, with easier manageability and less maintenance, and enables IT to more rapidly adjust IT resources (such as servers, storage, and networking) to meet fluctuating and unpredictable business demand.  From a pure conceptually standpoint, infrastructure convergence enabling the flexibility of meeting the inevitable demands of eDiscovery processing would seem to be the natural next step.  However, in practice, with much of the legacy eDiscovery technology locked into appliances and complex software configurations that don't lend themselves to the advantages of  virtualized computing, there are only a few eDiscovery technology vendors that are positioned to truly take advantage of cloud computing and the flexibility of infrastructure convergence.

Once an enterprise decides to go down the cloud computing path they can either implement the concept of infrastructure convergence and shared resources as an internal private cloud, an outsource their IT infrastructure to a third party public cloud through a Cloud Service Provider (CSP) or they can choose a hybrid approach which utilizes both public and private cloud infrastructures.  However, as I stated in the previous paragraph, there are only a few eDiscovery technology vendors that are positioned to truly take advantage of cloud computing and the flexibility of infrastructure convergence.  Therefore, at this point, even though the enterprise decides to implement cloud computing, unless they embrace the new generation of eDiscovery platforms that can "live and work" in the virtual world of the cloud, they may have to leave their eDiscovery processing behind and continue to collect and process data outside the cloud.

Amazon Web Services (AWS)
One of the first and better know Cloud Service Providers (CSPs) is Amazon Web Services (AWS).  Launched in July 2002, Amazon Web Services  is a collection of remote computing services (also called web services) that together make up a cloud computing platform, offered over the Internet by Amazon.com. The most central and well-known of these services are Amazon EC2 and Amazon S3.  Most of these services are not exposed directly to end users, but instead offer functionality that other developers can use. In June 2007, Amazon claimed that more than 330,000 developers had signed up to use Amazon Web Services. Amazon Web Services’ offerings are accessed over HTTP, using Representational State Transfer (REST) and SOAP protocols. All services are billed on usage, but how usage is measured for billing varies from service to service. Please note that as of the writing of this Blog post, AWS had not responded to numerous requests to officially comment on how they are currently handling eDiscovery requests from thier clients.

CLOUD ARCHITECTURE LAYERS
Cloud computing architecture is categorized into three (3) layers; Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS).

Software-as-a-Service (SaaS)
Software-as-a-Service (SaaS) is the best known of these layers as it is the most visible to users. Simply put, Software-as-a-Service (SaaS) enables software vendors to deliver software as a service over the Internet, eliminating the need to install and run the application on the user's own computers and simplifying maintenance and support.  SaaS is actually a more mature delivery architecture than many realize and is an integral part of cloud computing. According to a Gartner Group estimate, SaaS sales in 2010 reached $10B, and were projected to increase to $12.1b in 2011, up 20.7% from 2010. Gartner Group estimates that SaaS revenue will be more than double its 2010 numbers by 2015 and reach a projected $21.3b. Customer relationship management (CRM) continues to be the largest market for SaaS. SaaS revenue within the CRM market was forecast to reach $3.8b in 2011, up from $3.2b in 2010.

And, as indicated earlier in this post, there are a number of eDiscovery tool vendors that offer SaaS delivery options.  However, don't confuse SaaS delivery with providing eDiscovery in the Cloud.  There is a major difference.   Since it is highly unlikely that the eDiscovery platform is in the same physical location as the data, eDiscovery SaaS providers requires users to physically collect data and move it the data center (physical location) that houses the eDiscovery platform.    Once loaded onto this platform, the data is processed and then users can access it over the internet.  I contend that this approach of moving data to the eDiscovery platform is not that different that what has occured over the past 5-10 years with other enterprise data and is not eDiscovery in the cloud.  True eDiscovery in the Cloud requires the eDiscovery software to reside in the cloud.  This implementation would in fact be considered SaaS but is much different than the current generation of eDiscovery SaaS platforms.

Platform-as-a-Service (PaaS)
Platform-as-a-Service (PaaS) is a category of cloud computing services that provide a computing platform and a solution stack as a service.  In the classic layered model of cloud computing, the PaaS layer lies between the SaaS and the IaaS layers.Various types of PaaS vendor offerings could be extensive and will include a total application hosting, development, testing, and deployment environment, along with extensive integrated services that consist of scalability, maintenance, and versioning.  PaaS offerings may also include facilities for application design, application development, testing, deployment and hosting as well as application services such as team collaboration, web service integration and marshalling, database integration, security, scalability, storage, persistence, state management, application versioning, application instrumentation and developer community facilitation.

It is within the Platform-as-a-Service (PaaS) layer where eDiscovery services belong.  In fact, this may be a good time to coin the term eDiscovery-as-a-Service (eDaaS).  Unfortunately, as of the writing of this Blog post there are no eDiscovery vendors that offer eDiscovery-as-a-Service (eDaaS).  However, there are several vendors that I am aware of that are working on offerings to be released in early 2012.  And, since providing eDaaS as a standard option for any PaaS offering makes so much sense and could provide a first mover and key competitive advance for Cloud Service Providers (CSPs), I predict that we will see several eDaaS offerings before the end of 2012.  And, I also predict that once the eDaaS offerings hit the market, the legacy eDiscovery platform providers will be forced to re-evaluate the value propositions of their non eDaaS offerings in the cloud.

Please note that I am working on a research paper investigating how the CSPs support the eDiscovery requirements of their client bases and what next generations tools (eDaaS) are going to be available to assist the CSPs with these requirements.

Infrastructure-as-a-Service (IaaS)
Infrastructure-as-a-Service (IaaS) is the least glamorous of the cloud computing layers but provides the real technical "infrastructure" to enable cloud computing to exist.  Infrastructure-as-a-Service (IaaS), simply stated, provides a physical yet virtual processing environment along with raw (block) storage and networking. Rather than purchasing servers, software, data-center space or network equipment, enterprise clients instead buy those resources as a fully outsourced service with the ability to scale up processing, storage and even networking as may be required.  There is a lot more technical details to IaaS.  However, for the purposes of this post, my definition is adequate to get my point across.

CONCLUSION
Cloud computing is now the defacto Information Management (IT) architecture that enterprises are either already utilizing or have plans to utilize in the near future.  Cloud computing architecture is categorized into three (3) layers; Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS).  It is within the Platform-as-a-Service (PaaS) layer where eDiscovery services or eDiscovery-as-a-Service (eDaaS), belong .  Unfortunately, as of the writing of this Blog post there are no eDiscovery vendors that offer eDiscovery-as-a-Service (eDaaS).  However, there are several vendors that I am aware of that are working on offerings to be released in early 2012.  And, since providing eDaaS as a standard option for any PaaS offering makes so much sense and could provide a first mover and key competitive advance for Cloud Service Providers (CSPs), I predict that we will see several eDaaS offerings before the end of 2012.

Enterprise App Store in the Cloud

If you are using the iPhone, iPad or one of the Android portable devices,  you are already familiar with the concept of an "App Store".

The Apple App Store opened on July 10, 2008 via an update to iTunes. On July 11, the iPhone 3G was launched and came pre-loaded with iOS 2.0.1 with App Store support; new iOS 2.0.1 firmware for iPhone and iPod Touch was also made available via iTunes. As of June 6, 2011, there are at least 425,000 third-party apps officially available on the App Store. As of January 18, 2011, the App Store had over 9.9 billion downloads and at 10:26 AM GMT on Saturday, January 22, 2011, the 10 billionth app was downloaded from Apple App Store. As of late 2011, 200 million iOS users have downloaded over 18 billion apps from its App Store.

And although the Android platform is a relative new commer to the App market, it now boasts 400,000 Apps with over 10 billion downloads.

So, the paradigm shift has occurred.  Mobile devices users (which before too many more years will make up the majority of computer users) now expect to be able to search for an App in the cloud and then download it to their device, pay for it with a credit card and start using it immediately. It is just the way "things" are suppose to work. So, why aren't we doing this in the enterprise software market?

Software-as-a-Service (SaaS)
Software-as-a-Service (SaaS) is the closest thing to the App Store model in the enterprise market. SaaS, sometimes referred to as "on-demand software," is a software delivery model in which software and its associated data are hosted centrally, typically with a Cloud Service Provider (CSP) or directly from the software vendor, and are typically accessed by users using a thin client, normally using a web browser over the Internet.

SaaS has become a common delivery model for most business applications, including accounting, collaboration, customer relationship management (CRM), enterprise resource planning (ERP), invoicing, human resource management (HRM), content management (CM) and service desk management. SaaS has been incorporated into the strategy of all leading enterprise software companies.  Please note that the term software as a service (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) which is the topic of my next Blog post.
According to a Gartner Group estimate, SaaS sales in 2010 reached $10B, and were projected to increase to $12.1b in 2011, up 20.7% from 2010. Gartner Group estimates that SaaS revenue will be more than double its 2010 numbers by 2015 and reach a projected $21.3b. Customer relationship management (CRM) continues to be the largest market for SaaS. SaaS revenue within the CRM market was forecast to reach $3.8b in 2011, up from $3.2b in 2010.So, where is the Enterprise App Store that houses and enables users to download Enterprise Class SaaS Apps?

The Enterprise App Store
The Enterprise App Store doesn't really exist, to any great degree, because the infrastructure and business model is much more complicated in the enterprise market than it is in the consumer market.  And, due to the quarter over quarter financial pressues, the legacy software vendors are "dragging their feet" on moving to this model as it will completely change their revenue models and the transition could prove to  be a short term disaster for profits and stock prices.  In the long run, an Enterprise App Store delivery model should generate more revenues with dramatically higher margins.

Nevertheless, Amazon and several of the other Cloud Service Providers (CSPs) are beginning to offer application catalogues that resemble the Apple and Android App Stores.  And, there are rumors that several of the Auzre cloud platform providers are also developing the infrastructure and backoffice administration to support an Enterprise Class App Store in the Cloud.

Where it Runs
One of the major differences between downloading a single application to an iPhone and downloading an enterprise class application for use throughout an organization is where and how it runs.  Obviously, the iPhone app runs on a single iPhone.  However, the enterprise app will more than likely have to run in a virtual environment on a server and will have to provide access to multiple users.    This is a much different configuration and will require a much more robust infrastructure.

Pricing
Another major difference is pricing.  Many iPhone and Android apps are free and very few cost more than a few dollars.  In addition, users can download them and pay for them, as an example, with the credit card they have on file with iTunes. Enterprise apps on the other hand may cost hundreds of thousands of dollars and won't be paid for via a credit card.  Once again, the infrastructure and backoffice administrative systems to support this new model are much different.

Further, thanks to $.48 per hour per server pricing from CSPs like Amazon, use pricing is also another variable that enterprise App users will begin to demand.  Instead of paying $250.000 per year for an SMB enterprise ERP system, users may want to pay $100 per hour per instance or per user for the time that they are actually using the App.  And, once again, the infrastructure and backoffice administrative systems to support these requirements are much different than anything that has been done in the past.

The New Enterprise App Paradigm in the Cloud
The new Enterprise App paradigm in the cloud will enable enterprise users to access the cloud (where all of their data now resides) from any computing device (more likely a mobile devices as time marches on) and choose which Apps they want to use.  The system (more than likely supported by a major CSP) will pull an instance of the requested App out of an App library, configure it to support the needs of the user and then charge the user's enterprise for the time that the App is actually used.  This may sound crazy.  But, this paradigm is not that far away.  And, once one of the major CSPs begins to offer this as a first mover, the market will explode and the rest of the CSPs will have to follow or perish (i.e. how viable would a smart phone be that didn't enable you to download applicaions?).

Targets of Opportunity
The target markets for an Enterprise App Store are wide spread with both operational and financial benefits for both large and small enterprises.  However, there are a few vertical application domains with applications that are not used on a daily basis that appear to pose great initial targets of opportunity.  An example of this type of App would be within the eDiscovery market wtih Early Case Assessment (ECA) platforms.  Enterprises that may be reluctant to spend $250,000 per year for a ECA tool under the current legacy distribution model where the amount of usage is highly variable,  might be keen to enter into an agreement to have access to a virtual ECA solution with a pricing schedule that only charges them when they use the system.   I am not sure that the legacy ECA tool vendors are going to be pleased with this new paradigm (See above).  But, its the direction that the market is headed and therefore they had better start to make adjustments in their delivery models and also had better prepare their stockholders for the changes in the revenue stream.

SummaryIt only took comsumers a fews years to embrace the iPhone and Android App Store model and download almost 30 billion applications from the cloud.  As I always say, the train has left the station on how users want their apps served up.  So, now its just a matter of how long it takes the enterprise software vendors and the Cloud Service Providers to get their collective acts together and offer the same delivery paradigm for enterprise Apps.

eDiscovery and the Lawyer's Duty of Competence

The level of eDiscovery knowledge and experience among attorneys is widely varied. Some understand the issues in-depth, others have a passing knowledge of the basics, and other do not have even a beginner’s comprehension of the issues. Those who fail to acquire a working understanding eDiscovery issues are doing a great disservice to their clients; they may even be committing malpractice.

I often preach that there were two obligations highlighted in the 2006 amendments to the Federal Rules of Civil Procedure. First, is the duty to disclose ESI when required. As is widely known, when litigation is reasonably foreseeable a party must prevent the destruction of all ESI that may be discoverable. When requested in discovery, this ESI must be disclosed. This a generally accepted principle. The second obligation, and in my view equally as important, is to obtain ESI in discovery from opposing parties and nonparties. Without a good understanding of eDiscovery issues, lawyers are not prepared to meet either of these obligations.

The need to have a thorough understanding of eDiscovery issues arises out of the attorney’s obligation to the client. Each lawyer owes a duty of competence to the client. The American Bar Association’s Model 1.1 of the Rule of Professional Conduct reads:

Rule 1.1 Competence
A lawyer shall provide competent representation to a client. Competent representation requires the legal knowledge, skill, thoroughness and preparation reasonably necessary for the representation

Comment 6 to ABA Model Rule 1.1 states: “To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject.”

ESI has the potential to play a role in nearly every case and thus all lawyers must be competent in eDiscovery. Even the business lawyer who does not litigate cases must prepare his client for eDiscovery. Both in-house and outside counsel have been sanctioned for failure to preserve and disclose ESI. Each case must be evaluated to determine the extent of the role eDiscovery will play.

The abundance of ESI, from email to Facebook, copy machines to cell phones, is so overwhelming that it is very rare when a case does not require an understanding of eDiscovery issues. Some lawyers may believe that eDiscovery issues do not permeate their practice or the kinds of cases they handle. They may believe that eDiscovery only applies when large parties do battle and have the resources necessary to hire experts to do ESI searches and to pay teams of lawyers to pour over the results for large volumes of records that are generated by these searches. This is not true.

eDiscovery is important in almost every case. The divorce lawyer will want the email, Facebook, Twitter and other ESI of the soon-to-be ex-spouse. The bankruptcy lawyer representing creditors may want to search for evidence of other assets. A criminal defense attorney will want to look for impeachment evidence. The treasure trove of information contained in ESI needs to be considered by every litigator.

Some lawyers may avoid eDiscovery issues because they fear it cost-prohibitive for their clients. eDiscovery does not have to cost the clients hundreds of thousands of dollars. Depending on what is needed in the case, less costly options are available. After a thorough analysis of the case, the lawyer can provide options to the client depending upon what the client can afford. Ultimately, this the cost of eDiscovery is the client’s decision, but only the lawyer who is thoroughly versed in eDiscovery will be able to explain the options, the impact each option will have on the case, and how the costs compare with the likely benefits.

I urge lawyers to grow in their knowledge of eDiscovery issues, to become inquisitive as to how it can be integral in the cases they handle, and to use this knowledge to be zealous advocates for their clients. There are many organizations that can help walk attorneys through these issues, but regardless, it is each lawyer’s ethical obligation to competently represent her client.

Information Governance and eDiscovery Trends for 2012

2011 has been a transitionary year for information governance and eDiscovery.  Enterprises and governments worldwide have had to come to grips with the sudden acceleration of the use of social media, cloud computing, mobile devices and the resulting explosion in the volume of Electronically Stored Information (ESI).

Some are predicting the end of email in favor ot texting, Twitter and other social media electronic communications.  There are over 100 million users on Twitter each day with 35% utilizing a mobile device.  Facebook now has over 800 million users with 74% outside the United States and 350 million on mobile devices.  There are also over 100 million LinkedIn users worldwide as business social media and the assocication collaboration and communications is now required as a fundamental marketing tool for any serious business player.  Click Here for a more detailed graphic overview of the the growth of social media from the Search Engine Journal.

In addition to social meida, the fundamental infrastructure matured in 2011 to support more serious cloud computing.  Enterprises worldwide began to realize the dramatic cost benefits and potential business benefits of cloud computing.  As a result they gave serious consideration to private cloud implementations and are becoming more comfortable with moving some ESI to public Cloud Service Providers (CSPs) such as Amazon and Rackspace.  Microsoft launched Office360 to enable users to access the Microsoft Office Suite of products as Software-as-a-Service (SaaS) removing the expensive and time consuming software update dance that we all dread.  And, late in 2010, Apple released the iCloud platform for consumer cloud storage and set the stage for literally millions of iPhone, iTouch and Mac users to begin storing their pictures and other personal data in the cloud.

For anyone involved in the world of Information Technology (IT) whether as a user or a technologist, 2011 was definitely an exciting year.  For those of us in the information governance and eDiscovery business, 2011 marked a turning point, both literally and conceptually, for the monitoring, indentification, collection, processing, review and production of electronic evidence.

Is it no longer just an interesting discussion at the local pub to talk about the eventuality of social media as a source of evidence.  There were already close to 1,000 cases in 2011 where the judge issued a written opinion that mentioned social media. Likewise, information governance and eDiscovery in the cloud is longer just an interesting breakout session at tradehows to fill up your 'dance card".  Harvesting ESI from the cloud for the purpose of eDiscovery was a real issue in 2011 and therefore anyone that is serious about eDiscovery from a process, legal and technology standpoint, had better start to pay attention.

Given all of this (and more that I have not even mentioned), 2012 is going to be a banner year for changes in information governance and eDiscovery.  Following are my predictions:

Information Governance and eDiscovery Will Move to the Cloud
As more and more ESI moves to the cloud, the requirement to harvest this ESI "from the cloud" will also continue to grow.  However, there will be a tremendous amount of confusion in regards to exactly what information governance and eDiscovery in the cloud means.  Most, if not all, of the seroius technology vendors will announce that they are cloud ready or work in the cloud.  However, in most cases, this will mean that they are using the same old legacy technology and harvesting data "from the cloud" and processing it the same old way they have been processing ESI and paper for years.  Some of these vendors will have their own data centers and offer up information governance and eDiscovery as as Service.   However, this is nothing new.  The real change that we will witness in 2012 will be virtual technology (not hardware based) that enables users to move information governance and eDiscovery solutions/platforms to the cloud ESI and collects it and processes it in the cloud where it resides.  Physical location will no longer be an issue.  Collection and moving massive amounts of data will no longer be an issue.  The salability of hardward solutions will no longer be an issue.  Staging information governance and eDiscovery respositories in third party service provider data centers will no longer be required.

Enterprises will be able to move virtual information governance and eDiscovery solutions around their networks and private clouds as required to collect and process ESI where it resides. Cloud Service Providers (CSPs) will provide information governance and eDiscovery solutions as part of their standard IaaS and PaaS technology stacks.   Early Case Assessment (ECA) is going to take on a whole new meaning.  This approach is a major paradigm shift in the entire concept of how information governance and eDiscovery should work.  2012 is going to be an exciting year for information governance and eDiscovery in the cloud.

Semantic Search will Go Mainstream
The mystical world of semantic search and natural language processing technology will finally go mainstream in 2012.  New Information governance and eDiscovery technology vendors will emerge that are utilizing this technology as the foundation of their offerings or have seamlessly integrated this technology into their platforms.  Litigators will begin to understand the value of semantic search, courts will begin to accept the results and users will begin to demand its use.  Before the end of 2012, the industry may even recognize the term "Lucene".

Predictive Coding will Go Mainstream
Just like the mystical world of semantic search and natural language processing technology, Predictive Coding will also go mainstream in 2012.  New Information governance and eDiscovery technology vendors will emerge that have seamless integrated this technology into their platforms.  Litigators will begin to understand the value of Predictive Coding, courts will begin to accept the results and users will begin to demand its use.  Offshore coding will become less attractive as Predictive Coding will enable all but the very detailed review and tagging to be done automatically.

Informationn Governance and eDiscovery for Social Media Will be Required
Pushed by the ethical requirements for litigators to understand and utilize eDiscovery for social media and the practical requirements to ensure that all pertinent ESI is being collected and submitted, there will be a  major move by the courts and litigators in 2012 to ensure that social media evidence is being collected and submitted with an appropriate chain of custody and with access to metadata to ensure the validity of the evidence.  And, as a results, legacy ECA vendors will social media file types to their bag of tricks and numerous new Discovery tools for social media will be released in 2012.

End-to-End Information Governance and eDiscovery Solutions
As Early Case Assessemnt (ECA) vendors expand their product lines "right" into document review and case management and as document review platform expand their product lines "left" into ECA, the market is going to have a choice of more end-to-end information governance and eDiscovery solutions.  In addition, we will see the integration of data mapping, legal hold, semantic search, predictive coding, project management, workflow management and case management into these end-to-end solutions.

Litigator Will Become More Technology Savy
Out of both practical necessity and statute ordered requirements, litigators will become more technology savvy in 2012.  The days of the hands-off, don't bother me with the technical details for eDiscovery litigator are quickly coming to a close. 

Information Governance and eDiscovery Pricing will Drop
The move to the cloud along with easily scalable virtual solutions offered up as Software-as-a-Service (SaaS) will enable a dramatic price decrease for information governance and eDiscovery in 2012.

eDiscovery will become a subset of Information Governance
As I have predicted in previous years, as eDiscovery moves to the enterprise, eDiscovery will become a subset of Information Governance in 2012.


In conclusion, 2012 is going to be a very exciting year in information governance and eDiscovery.  Enjoy the rest of 2011 and strap yourself in for a wild ride in 2012.



 

Navigating eDiscovery in the Cloud Shouldn't Be That Difficult

In a follow up to my Blog post titled, "eDiscovery in the Cloud: The Sky Is Not Falling", this Blog post is dedicated to the premise that successfully navigating eDiscovery in the cloud is not as complicated as many are indicating it should be or as complicated as many are making it.

Successfully navigating the brave new world of eDiscovery in the cloud is really just a matter of education and a willingness to move beyond the status quo.  There is no doubt that if you don't pay attention, you and your team will perish on the rocks. However, don't pass on taking the eDiscovery in the cloud journey because it is too dangerous or give up before you at least make an attempt to learn how to save your ship.

First of all, in case anyone missed the memo, the cloud train has left the station.  As an example, independent research firm Forrester Research predicted in a research report published earlier this year titled, “Sizing the Cloud” that the global cloud computing market would reach $241 billion in 2020 compared to $40.7 in 2010.  So, more than likely, whether you want your data in the cloud or not, it is moving quicker than you think.  And, as an end-user, unless you have some kind of cloud storage phobia, it really shouldn't matter that much.  The real debate doesn't start until you couch the question(s) about cloud computing in terms of what happens when your have to perform the delicate and often times messy operation of eDiscovery in the cloud.  If you are a glutton for punishment and like to dwell on all of the negative things that could possible happen in the life then I encourage you to read "The Promise of the Cloud Meets the Obligations of E-Discovery", published on the Law.com website on October 12, 2011 by Brendan M. Schulman and Samantha V. Ettari.  This article does a great job of indicating that the sky is falling and that we are all doomed.  However, as I indicated in the my response to this piece, "cloud computing has already made it and most of us are just fine, eDiscovery in the cloud and all!!"  But, the devil is always in the details and therefore what does this mean in practical terms?

Further, please note that if you are currently doing a bad job of eDiscovery in general, you had better read the Schulman and Ettari article as the sky is going to fall if you attempt to perform eDiscovery in the cloud under your current practices. Once you have completed reading that article and if you still want a road map for successful implementation of eDiscovery in the cloud, come back and finish reading this blog post.

What is eDiscovery in the Cloud?To properly perform eDiscovery in the cloud,  you first have to understand what it is and, probably more importantly, what it is not.  The current crop of litigation technology vendors have done a great job of confusing the market in regards to eDiscovery in the cloud.  However, I believe that over the next 12-18 months, the market will become much more educated and some amount of consensus will begin to form regarding a more realistic and concise definition of eDiscovery in the cloud.

eDiscovery in the cloud is NOT uploading all of your potentially responsive ESI to a litigation service provider's data center and then accessing that ESI via the Internet to perform searches and document review.  That may be Early Case Assessment (ECA) or document review delivered under a Software-as-a-Service (SaaS) model.  But, it is not eDiscovery in the cloud.

Likewise, eDiscovery in the cloud is NOT manually collecting big chunks (that's a technical term) of potentially responsive ESI from your cloud provider and the performing eDiscovery with that ESI the same way you process ESI from your corporate network or from unconnected desktops and laptops (BTW - I am in the process of investigating the nightmare of collecting ESI from your cloud provider and plan to author a Blog post of my findings before the end of the year.  So, if anyone has any input, send it to me and I will consider including it in my post).

eDiscovery in the cloud ultimately means having a virtual eDiscovery process that actually runs in the cloud right alongside of your cloud storage and allows you to perform, Early Case Assessment (ECA) including First Pass Review, possibly preservation and legal hold management, definitely forensically sound collection and the generation of an industry standard load file and/or full on document review and production.  In addition, eDiscovery in the cloud also means that you can operate these processes remotely through an Internet based user interface and don't have to have operational bodies physically inside the cloud data center(s) to perform any of the normal magic that is currently required by many of the legacy hosted eDiscovery platforms. 

Further, eDiscovery in the cloud should also include what I am going to call (for lack of a better term at this point) federated eDiscovery to enable an organization to "perform eDiscovery" on data no matter where it resides.  Currently, users that are supported by competent IT organizations, don't have to worry about where ESI is physically located.  Therefore, eDiscovery professionals shouldn't have to worry either.  This would include ESI behind the corporate firewall, housed with different cloud service providers or housed with the same cloud service providers in different data centers potentially in different countries (don't get me started on the debate regarding the legal issues with moving ESI in and out of countries as that is the topic of a future Blog post). Please note that I am not oblivious to the challenges of moving large amounts of data around.  However, we all might be surprised to learn that class 5 rapids have been successfully navigated in other industries.

Is this Definition Realistic
This definition of eDiscovery in the cloud may sound like something that only Scotty, the engineer from the Star Trek Enterprise, could cobble together with technology from the next century and a good amount of duct tape.  However, the technology exists today and is ready to be utilized with little or no duct tape required.  Therefore, the only real speed bumps on this journey will be convincing the cloud service providers to install the appropriate eDiscovery technology as a standard part of their technology stack, enlisting a new generation of eDiscovery consultants to support the development of best practices for eDiscovery in the cloud and finally to show the market that eDiscovery is no longer a reason to NOT move your data to cloud.  I realize that these are not insignificant roadblocks.  However, providing eDiscovery as a standard part of it's technology stack is a homerun for cloud service providers and the associated services represents a blue water/green field market opportunity for eDiscovery consultants and possibly service provides. Therefore, resistance should be minimal and buy-in should be quick.

What's Next?
In the coming weeks I will be releasing my initial list of eDiscovery technology vendors that can support my vision of eDiscovery in the cloud along with an initial overview of the best practices.  If anyone has any input that you believe should be included in these upcoming Blog posts, send them to me and I will consider including them.

In the mean time, if you are concerned with moving your data to the cloud and are hesitant because you are concerned about eDiscovery or if you are currently faced with the daunting task of extracting your ESI from a cloud service provider, contact me as I can help you successfully navigate your way through this paradigm shift.