Entries Tagged 'eDiscovery' ↓

At the time of Autonomy’s Q2 results last week, a fair few commentators said an acquisition of Open Text was imminent. We know that a large deal is imminent and the enterprise value of Open Text (OTEX) is in Autonomy’s ball park. Plus OTEX – itself a roll-up machine somewhat akin to Autonomy –  isn’t exactly in the rudest of health right now.

On the earnings calls CEO Mike Lynch said Autonomy’s next major acquisition would not be done to buy growth (we have already expressed our thoughts on that), nor would it be done simply because the price is right. It would have to be a strategic move, a game-changer. Well, OTEX isn’t that, in our mind at least. So what would such a deal give Autonomy?

Sure, it would give it practically all the document management business in the legal sector. But so what? Autonomy already has a lot of that via its Interwoven acquisition. It would also bring with it yet more overlapping content management products and a collaboration business being eaten by SharePoint. On the plus side, it would roughly triple Autonomy’s customer base to about 65,000 organizations.

Of course, I could be completely wrong and August 18 could be the date on which that is proved, as it’s OTEX’s Q4 results announcement. That is, if SAP hasn’t got there first.

Still, Tibco or Informatica make far more sense to us as truly strategic acquisitions for Autonomy. But of course, in order to buy something you have to find a willing seller, and we’re not so certain those sorts of companies relish the prospect of ending up inside Autonomy as much as a company that has few other choices might do.

Clients of 451 will have seen our report yesterday on Autonomy’s Q2 and 1H10 results. I won’t repeat it all here but in it we looked at the some of the more puzzling aspects of the company’s numbers. These include:

• Organic growth:  “IDOL product” revenue of $62m this time was in contrast to $47m in Q1. It said at the time of the Q1 results on April 21 that it had $10m of hardware inventory, which most understood to be its Arcpliance archiving and ECA appliance. It said it had already sold most of that in Q2. That is a new product, so if that $10m is removed from the $62m (since it’s recognized as up-front license revenue), and a little bit more is taken off for sales to federal government via the recently-acquired MicroLink (Autonomy trumpeted a multimillion dollar federal deal in Q2), then you get very close to the $47m figure from Q1, and thus, next to no organic growth. That compares to the company’s claim of 19% organic growth for IDOL in the quarter and 13% across all products and services.
• Cloud & SaaS & hosting: Autonomy gives out some seemingly helpful but often confusing metrics in terms of its product breakdowns. It said  SaaS-based revenue accounted for more than one-quarter of the company’s revenue in the first half. fair enough, and pretty interesting. But it also attributed revenues of $47m (out of $211.6M in total) to what it calls “IDOL cloud.” That’s 22%. However that isn’t one of the terms used in the way Autonomy packages its products so it’s hard to tell what it is. For instance, how much of ‘IDOL cloud’ is Zantaz’s hosted archiving product isn’t clear.
• Services: It puzzles me how a company selling a product that is powerful, but complex to implement, as Autonomy is, can make do with next to no professional services, instead relying almost solely on partners. This tends to leave customers – especially those spending less than $1m with the company – with a lot of integration work on their hands. It also puzzles us when it goes and picks up a service firm like MicroLink, paying $55m for assets it says are worth $1m with the rest being goodwill (as it disclosed in Q2’s results).
• OEM: The company said that OEM is its fastest growing revenue stream. It should also be noted that Autonomy sells two main products via its OEM channel. One is IDOL, the core search and categorization engine. The other is KeyView, the set of file filters it got with its acquisition of Verity almost five years ago. The former costs a lot more than the latter, and once the customer has implemented it, the former is a lot harder to replace than the latter. Nevertheless, when Autonomy announces a new OEM customer or a renewal, it usually doesn’t differentiate between these two. Incidentally it made a bold claim on the call yesterday, namely that almost all the major archiving vendors are OEM customers of Autonomy, which means all its main competitors in that space as it’s very much an archiving vendor too. In cases like that it’s quite important to distinguish between OEMing IDOL and OEMing KeyView as the former is much more of a differentiator than the latter.

There’s more in the report but mainly in the form of other things that puzzle me about these numbers, rather than a list of answers. Still, another acquisition is sure to come along soon  and change the picture again.

Continuing on our dive into forensics for e-discovery, today we cover more on the reasons for using it in practice, as well as highlights from CEIC 2010. . .

Now that we’ve examined the technology involved, one question remains: do you need forensically-defensible collection for e-discovery?  The answer is: not necessarily. Many lawsuits do not require this depth or scope of data collection (such as collecting from RAM), particularly civil cases.  And for general defensibility purposes, courts do not expect perfection.  The goal is a reasonable, good-faith effort to accurately preserve data and metadata with a repeatable, documented process  – one you can testify to in court if necessary.

Why use a forensic approach at all?  To the layman, forensics can sound hard and even scary, as well as potentially expensive and time-consuming – some vendors even refer to it as “the F word.”

Well, at this point you should consult a lawyer or expert – the goal is that you never have to use it.  But here are some good reasons to at least educate yourself about it:

1) Forensics has impressive capabilities, and the technology is cool – a.k.a. “the CSI defense.”  E-discovery is not just paper-based discovery on a computer.  The “paper trail” is now digital, and it’s important to know about this technology’s potential for the legal field, as well as the risks involved.  Like the fact that your deleted files are not really gone.

2) Forensic evidence is critical in trying some cases where the “smoking gun” isn’t just buried in a terabyte of text and document-level metadata – criminal matters, or trade secret or insider trading cases where you might have to dig through ‘track changes’ or reconstruct an IM history from RAM to see who knew what, and when.  E-discovery requires a tool box, and forensics can be an important one of those tools.

3) Targeted collection has its own benefits as an approach to e-discovery collection.  Forensics vendors argue that existing enterprise search tools are only as thorough and current as their latest index.  Likewise, preemptively storing data in a repository like an archive, ECM or Records Management system promises easier retrieval, but is not practical for all organizations and all types or volumes of data.

4) Last but not least: court defensibility (if done reputably by a qualified person with appropriate tools – this is not legal advice in any form).

I will leave it to the experts to flesh out the rest of the forensics story (or take issue with my cribbed-notes version in the comments), but a few show highlights from CEIC:

Exhibitors: As this was a tech show, I’ll lead with the tech.  While CEIC is unquestionably Guidance’s party, there was plenty of co-opetition on the exhibition floor from forensics rivals AccessData and Nuix, e-discovery appliance vendor Clearwell Systems, the now-integrated EMC SourceOne-Kazeon, and growing forensic consultancy D4, which showcased review tool partner kCura’s new Relativity 6 release.  451 subscribers can read about Guidance’s EnCase E-discovery V. 4 here, EMC’s new SourceOne for SharePoint here, a report on kCura here, and look forward to an imminent update on Clearwell 5.5, plus new coverage of AccessData and Nuix.

I recommend checking out the demos if you have the chance.  It’s interesting to see how technology evolves to make different active and dynamic data types accessible, both for collection (SharePoint is a big problem here – EMC, FTI and Nuix all debuted tools for it recently) and for attorney review.  For example, kCura’s latest release has a pivot table feature for attorneys to drill into large amounts of structured data like text messages intelligibly, as you would in Excel.

All-star cast:  CEIC ‘s 2010  e-discovery track featured some marquis panels on judicial opinions, international privacy regulations, advanced search and retrieval, and case law updates.  Many presenters are also on Guidance’s Advisory Board (which was meeting during the conference), so they actually stuck around after their sessions and gave attendees the chance to monopolize their attention at lunch and happy hour.  UK e-disclosure expert Chris Dale has a good run-down on the judges, which included Hon. Judge Peck, Judge Donald Shelton and Senior Master Steven Whitaker from the UK.  Also present: EDRM founders George Socha and Tom Gelbmann, the oft-cited Craig Ball, Browning Marean of DLA Piper, and of course Melissa Hathaway, former presidential Cyber-security Czar and worthy successor to last year’s keynoter Leonard Nimoy.

Browning gave a plug for Recommind‘s Axcelerate and Equivio Relevance‘s predictive coding capabilities for review during the search and retrieval panel, which thrilled me as a text analysis and search enthusiast.  451 subscribers can read more on these tools in our past coverage, or the recent long-form e-discovery report.

Users:  There really are no seat-fillers at CEIC; attendees are not just there for a Vegas getaway with continuing education credit.  Everyone I met was a practitioner and formidable techie, many from large companies and government organizations with high-volume litigation or internal investigations.

My conversations with them confirmed for me that e-discovery is still a case of “one size fits all nobody.”  When I asked about their go-to forensic brands, some users told me that each vendor’s tool has strengths, and ideally you should have access to and knowledge of several (if you can justify the purchase to accounting).  Some also use multiple “end-to-end” e-discovery platforms to suit their litigation requirements and cross-functional business processes.

One final thought to wrap this up.  The “e-discovery toolbox” analogy I keep beating to death is stolen extrapolated from George Socha’s advice on search methods: As in any project, you need to know your materials and understand what tools are best for the job.  Each has strengths in particular circumstances or scenarios, and with certain data types, locations and volumes.  It depends on your requirements and what results you’re looking for.

This year marked the 10^th anniversary of the Computer and Electronic Investigations Conference (CEIC), a show hosted by Guidance Software focusing on digital investigations in forensics, e-discovery and cyber-security.  I’ll be reviewing this event in two posts, because there’s a lot of ground to cover here – check in tomorrow for some show highlights and more on forensics in practice for e-discovery.

As you might guess, both the crowd and the content at CEIC had a heavy technical and practitioner bent, along with a refreshingly low BS-quotient – good attendance and engagement at the in-depth sessions, not a lot of swag-grabbing seat-fillers milling around the exhibition floor.  Forensics has traditionally had strong traction in law enforcement and government, but the new EnCase E-discovery certification exam (EnCEP) and cyber-security track brought in good numbers of private sector attendees from both IT and General Counsel as well.  Overall attendance reportedly grew about 40% this year to 1300.

At this point, some of us without EnCE certfication may be wondering, “why is forensics important to e-discovery, and what is it anyway?”

The bottom-line in practice is that forensic collection and Guidance’s EnCase format in particular have very strong court defensibility.  From a broader market perspective, Guidance is the only US e-discovery software vendor to go public (in 2006), and has an enviable customer base among the Fortune 500.  All this is to say that while forensics is an expert-grade technology, it is not at all a niche.  In fact, Guidance was #1 in our recent user survey for current usage at 23%, while rival forensics vendor AccessData was cited by 11% of respondents’ planning to purchase e-discovery software or services in 2010.

And what exactly is forensics?  Here I will steal paraphrase liberally from forensic examiner, attorney and expert at-large Craig Ball :

Computer forensics is the expert acquisition, interpretation and presentation of active, encoded and forensic data, along with its juxtaposition against other available information (e.g., credit card transactions, keycard access data, phone records and voicemail, e-mail, documents and instant message communications and texting).

What kind of data are we talking about?  According to Craig: any systems data and metadata generated by a computer’s OS and software (for example: the date you create an MS Outlook contact), as well as log files, hidden system files, and deleted files.  Many tools also handle encrypted files and have additional functions like scanning images to detect pornography – CSI-grade stuff.

The most familiar forensic method of gathering evidence is imaging an entire hard drive, i.e. creating an exact duplicate of every bit, byte and sector, including “empty” space and slack space, with no alteration or additions to the original data.  However for e-discovery purposes, processing and reviewing that much data from a large number of enterprise machines would be prohibitively expensive and time-consuming.  Not to mention the risk of finding things you’re not looking for (even potentially criminal data like pornography which must be reported by law), and the danger of making incriminating data or deleted files accessible to opposing counsel.  For these reasons (among others), vendors like Guidance offer “targeted collection,” often through desktop agents installed on laptops and PCs which automate searching and collections by specific criteria across the network.

Tomorrow’s post will feature CEIC highlights from users, vendors and speakers, plus more on forensics and the e-discovery use case.  In the meantime, for some additional perspective check out #CEIC on Twitter [update: or #CEIC2010], or blog coverage from Craig Ball, Chris Dale and Josh “Bowtie Law” Gilliland of D4.  Many thanks to them and to the others who shared their experiences with me.  Stay tuned.

Some of the best-kept secrets in e-discovery are not the kind revealed in a courtroom.  We all know about legal confidentiality, but the IT side has its own code of silence – call it “analyst-client privilege.”

It’s not that users and customers won’t talk about their vendors and methods – especially if they’re unhappy with those vendors, or have a horror story to share, which many do.  But users rarely go on-the-record with specifics in e-discovery.

So this year we introduce our first annual user survey.  It’s available as part of our just-released E-discovery and E-disclosure report for 2010, or you can access a copy through Applied Discovery here.  It will also be featured in our upcoming BrightTALK webinar on Thursday, May 27th at 12 noon ET, presented by Research Director Nick Patience.  Register here to attend.

And what did we learn?

Users report that corporate litigants still overwhelmingly use existing in-house resources and employees to fulfill discovery requests.  In spite of vendors’ claims that the market demands one throat to choke, customers still purchase tactically depending on their requirements.  About half perform e-discovery on an ad-hoc basis with no repeatable business process or dedicated staff.

What they are buying is even more revealing – our data gives the distribution of usage between 50+ vendors, with purchasing broken down by product or step in the EDRM (Electronic Discovery Reference Model), and whether customers choose software, services, law firms or in-house systems for each function.  Cross-tabbing by industry, company size, volume of litigation and legal budget shows even more granular trends and hot spots in what remains a highly fragmented market.

Beyond a snapshot of current holdings, half our respondents have shopping plans for 2010, showing shifts in vendor traction and product purchasing.  Users have strong predictions of their own for the market as well.  They are clear on pain points in the process and vendor selection criteria.  That said, future purchasing plans show little critical mass on vendor selection – it’s still anybody’s game in e-discovery.

And what about the cloud?  Or information governance?  Is cost still king for everyone?

Join us for a thorough run down of the state of the market in 2010 – a view from the front lines of e-discovery.  Register here to attend.

I’m very happy to say that our new report on the e-Discovery/e-Disclosure market  – E-Discovery and E-Disclosure: Bringing it all back home – is now available to clients and non-clients alike.

The report contains:

• User survey – a survey of 140+ end users about their current e-Discovery products, their purchasing plans over the next 12 months, the state of their budgets now and in the future, their pain points and how they execute their e-Discovery strategy – or even if they have one.
• Detailed profiles of 32 software and service providers from the US and Europe.
• Analysis of the current issues and drivers in the market and how we think they may evolve in the future, including issues such as litigation preparedness, early case assessment, in-sourcing of e-Discovery (hence the sub-title), cloud computing and regulatory and legal challenges in the US and Europe.
• The market landscape including a detailed breakdown of how vendors map to the EDRM and a look at the markets that e-Discovery impacts upon, including archiving and information governance.
• M&A analysis – forward-looking analysis as well an examination of past valuations.

The report was written by Katey Wood (@KWood451) and myself (@nickpatience). Any questions regarding the report can be addressed to either of us and we can also let you know how you can buy the report whether you’re a 451 client or not.

IQPC’s 3^rd E-discovery conference for Financial Services felt like a spa day after LegalTech. You get your CLE credit in a room of less than 40 people while being fed gourmet cookies in a comfortable chair with an expensive view of Times Square – unlike LegalTech, where you spend half your time in an elevator of 40 people, and someone has pushed the button for every floor.

There were some noteworthy insights for anyone considering an investment in e-discovery software or services.  We’ve been crunching numbers for our E-discovery User Survey this week, with some interesting results:

• the overwhelming majority of respondents were still performing every part of e-discovery primarily in–house
• but about half were planning to make an e-discovery purchase in the next year
• however a large number of them hadn’t finalized their choice of product or vendor.

So, how to choose?  Well, in the wake of “Zubulake Revisited,” there is now more judicial guidance on the e-discovery process and certainly more at stake.

To get an idea of what the courts are looking for and how companies are adapting, I attended IQPC’s Judicial panel on avoiding sanctions, as well as the panel on building a corporate e-discovery response team, featuring e-discovery senior management from Lehman Brothers Holdings, Barclay’s, MetLife and Bank of New York.

A few takeaways:

• Judges on the sanctions panel were not sympathetic about high data volumes, saying “Lawyers just have to start dealing with it and make requests and responses appropriate.”  They rejected objections to “burdensome” ESI production requests and criticized litigants for lying about production costs to avoid producing data. One recommended native file production to cut costs rather than requesting images or paper (!)

• Judges called for earlier preservation with a written legal hold, particularly in the wake of Scheindlin’s “Zubulake Revisited” opinion, which they called a “shot across the bow.” One claimed that some companies spent ten-digit numbers on preservation alone, especially if they’re caught at a late stage and can’t easily go back. That figure sounds like I must have misheard, but I don’t argue with judges.

• Judges criticized the lack of cross-functional IT and legal expertise at Meet and Confer and in collection of data. They recommended consultant Craig Ball’s 50 questions to prepare for Meet and Confer [pdf], and advised that e-discovery collections be supervised by someone who should anticipate having to testify in court.

• In the corporate E-discovery panel, Lehman Brothers Holdings (the entity responsible for administering all of Lehman’s litigation) reported standardizing on a single review platform for collaborating with all of its law firms, claiming that they initially had “big fights,” but eventually everyone accepted it – probably no mean feat considering the volume of litigation Lehman faces.

• Another panelist noted that more corporations are taking control of review as well as collection and the earlier stages of e-discovery.  She advised that law firms should analyze legal issues but corporations handle the facts, doing as much review as possible in-house or outsourcing it at lower rates to cut costs.

• No one on the corporate panel had any major objection to using SaaS e-discovery or storing legal data in the cloud.

Food for thought.  We are wrapping up our E-discovery User Survey this month and distributing results, which will also be included in our upcoming e-discovery long form report – contact us if you are interested in purchasing.  And many thanks to everyone who has participated in the survey.

There’s a special section in this week’s Economist on information management, entitled Data, Data Everywhere. It’s always good when your area of interest and coverage is on the cover of such an illustrious magazine. However, I read it and downloaded the PDF (which you can do as a subscriber) and searched that, and to my surprise there are two significant words close to my heart that don’t appear anywhere in the report. They are:

• discovery (as a short hand for e-Discovery, or just on its own)
• governance (as in information governance)

I know the author, Kenneth Cukier, he’s an excellent technology journalist and thinker with years of experience (we both spent perhaps way too long at the various meetings that hosted the various fights for control of the internet’s domain name system (DNS) in the 90s that led to the creation of ICANN).

Ken’s focus in the report was more on the data deluge created by the internet and how that affects individuals, mainly in the context of being a consumer, exploring issues such as personal privacy, and how companies such as Google and Wal-Mart manipulate ans profit from data. There was very little talk about the problems that creating, storing, searching, archiving and deleting information imposes on companies.

And although there is a section on new regulatory constraints, it was again focused mainly on privacy, personal information as a property right, and the integrity of information held about individuals by corporations, with a token nod on the need to preserve digital records, but again looking at it from a consumer’s perspective.

All important topics, for sure. But not the one that a lot of companies are spending a lot of money grappling with now and in the future.

Now I’m not naive, and didn’t expect a multi-page spread on litigation support or an exploration of what early case assessment means in a weekly magazine with such a broad readership as the Economist! But I thought that given that e-Discovery and more recently, information governance are shooting up the list of priorities of many CIOs (the ‘i’ does stand for information, after all) as realize that without appropriate litigation readiness and information governance in place they could find themselves in a financial and legal sinkhole, I thought it warranted at least a paragraph or two among the 14 pages of text.

Update: Clearwell’s CEO Aaref Hilaly posted something on the same subject at almost the same time as me.

Nick and I spoke with about 30 software & service providers at LegalTech in New York this year; that’s in addition to the 30-some briefings (with some overlaps) last month for March’s upcoming annual e-Discovery report. We have a more comprehensive LegalTech wrap-up of vendor developments and shifts in the market landscape for our clients here , but here are some of the themes that came up at this year’s well-attended show. ALSO: we’re still soliciting end user participation in our e-discovery user survey, which you or your customers can access here, or contact me for more information  – all participants will receive a copy of the results.

Defensibility and the Scheindlin Opinion: Judge Scheindlin’s ruling in University of Montreal Pension Plan v. Banc of America was a hot topic, particularly the 85-page opinion “Zubulake Revisited: Six Years Later.” (pdf) It defines culpability for defensibility failures in ediscovery, i.e. what constitutes negligence, gross negligence and willfulness. Some of these include failure to issue a legal hold, incomplete collections, destruction of email or tapes, failure to preserve metadata and failure to determine accuracy and validity of search terms. It’s great to see some concrete guidelines, with obvious implications for e-discovery software and services. I found a concise wrap up here and from law.com here.  Software vendors are taking note, and already incorporating the ruling into their marketing.

Price sensitivity: Increased competition in the ediscovery market, lower budgets in legal departments, and more flexible law firm pricing due to pre-review data culling, LPO, AFA’s, etc. all contributed to greater industry price sensitivity this year, with more customer choices and influence in the market. Software and service vendors expanded pricing options and continued to target the outside legal spend from general counsel in their offerings. E-discovery service providers added per-gigabyte contract review to their software and service processes, and offered either “review management” or extensive collaboration with outside counsel. Software vendors offered more project management and monitoring capabilities for tracking time, cost and productivity. Collaboration workflows designed to lower outside counsel fees came up. Vendors increasingly talked about reuse of reviewed documents as another cost savings measure for serial litigants. Some vendor messaging was downright conspiratorial in insinuating that corporate legal could use software to throttle the law firm spend; although many e-discovery vendors have large law firm customer bases, the enterprise accounts remain lucrative and coveted.

New software releases: With deal sizes decreasing at some of the highest price points, there has been increased competition both from upstarts aiming to undercut the bigger names and the bigger names making a play for the mid-market. We heard a lot of “flat is the new up” last year, and many vendors seem to be hustling even harder to win customers by expanding to platforms or trying to tick all the RFI boxes with new features of varying validity. Even more than last year, vendors claim to be end to end and predict that customers want one throat to choke, and they’re attached to it. The customer market is more educated and savvy about its own requirements this year, which lowered the marketing artistry quotient quite a bit, but some of the features we saw added for legal hold, data mapping, retention and disposition policy, review, collaboration, and workflow are better than others. As much as customers may be tired of stringing together point tools with additional budget line items for auxiliary integration or conversion costs and extra fees, most of the products we’ve seen are not the silver bullets they promise – customers should continue to educate themselves about their organizational needs, what other companies are doing, and what the market has to offer. And vendors should consider that unhappy customers are usually the loudest ones.

Early case assessment: All the ECA product releases in the last year seem to have made it a de facto step in the ediscovery process, the only argument remaining is how early it should occur – as early as the initial data gathering at identification and collection, or just before review but after processing? The need for processing itself was a matter for debate – CaseCentral gave its direct Symantec Enterprise Vault connector a big push, but processing vendors advocate just as strongly for the benefits of thorough metadata extraction and preservation.

Information Management Reference Model: We missed the EDRM luncheon, but spoke with Reed Irvin of CA and Sandra Song of H5, the co-chairs of the group tasked with expanding the first box of the EDRM diagram into its own full Information Management Reference Model (IMRM). The working draft is a series of concentric circles outlining the information lifecycle from creation to retention, disposition, discovery and storage, including the architecture and business drivers behind these processes. We’ve written previously on the push for information governance in establishing a litigation preparedness and information management strategy, and are glad to see some structure and industry thought leadership put to these initiatives.

M&A: Lots of M&A buzz this year, unfortunately a lot of it speculation about vendors suspected to be looking for a necessarily swift exit.

A great show this year overall, and many thanks to everyone who took the time to speak with us.  We will be wrapping up the e-discovery report in the next month.  Watch this space.

Early case assessment – the most prevalent buzzword in e-Discovery int he past 12 months, I’d wager – is the subject of a webinar I’m doing this week with StoredIQ.

The main point I’ll be making that in order for ECA to be useful then it truly needs to be early; there is little point in waiting until the review stage, when high-fee lawyers are busy plowing through the information.

At that point you’re already incurring the costs of full review, so if you’re still in the process of culling .exe or .dll files from the stack then you’re wasting a lot of money, while also increasing your risk exposure of sensitive information leaving the enterprise when it doesn’t have to.

Webinar Title: Early Case Assessment – When Earlier Really Matters
Date: January 27, 2010
Time: 3:00 PM (ET)

You can register for the webinar here.