Contracting for E-Discovery Competence

Contracting for E-Discovery Competence

Jeffrey Ritter, Esq., CEO and Founder, the Ritter Academy

Managing digital information as evidence now requires that corporate clients of law firms think differently about the terms of their engagement letter with a law firm.

In today’s digital business environment, a law firm is no longer merely offering its skills as a trial advocate. Instead, to differing degrees, the law firm is also offering its competency in acquiring and managing the portfolio of IT systems, software, data storage services and communications tools required for electronic discovery. In addition, a law firm is representing that its zealous advocacy of a client will include sophisticated and increasingly complex project management services, including the selection, employment and supervision of employees and sub-contractors (located both domestically and around the world) acting as analysts, review attorneys and data forensic investigators.

The result is a network of contracts, statements of work, billing statements and invoices that are rarely visible to the in-house counsel. Unfortunately, when something goes wrong, that network of documents (including their terms and conditions on allocating liability among the participants) comes under the microscope. The June 2011 lawsuit and complaint in the case J-M Manufacturing Company, Inc. v. McDermott Will & Emery (No. BC462832, Calif. Super., Los Angeles Co.) for malpractice and negligence in e-discovery procedures highlights the type of jumbled chaos that often exists—the complaint lists 100 unnamed “Does” as co-defendants!

Discovery will eventually publicly unfold the truth in that particular case. What is important are the immediate lessons that in-house counsel can extract from the mere fact that the complaint was filed. Simply, as clients, in-house counsel must re-think the structure and substance of their engagement letters and insist upon a contract model that reflects their requirements and implements the company’s best practices in outsourcing IT and professional services.

Many companies have already recognized that law firms are custodians of some of the most sensitive and valued digital information assets of their business—the evidence of their innocence or responsibility for the losses that are claimed in any lawsuit. As a result, engagement letters are beginning to incorporate terms and conditions addressing information storage, information security and allocating risks of loss resulting from improper access or destruction of data in control of the law firm. A strong corporate chief information security officer is a good indicator that those types of engagement letters are in place.

But much more can be included in the engagement letter to address realistically the risks the company faces in placing its trust in a law firm’s full responsibilities for managing IT portfolios and complex project management services by multiple contractors. Here are just a few of the key questions to be asked, for which the answers become required contractual elements in the engagement letter:

• How does the law firm manage its own information security?

o What controls are used to validate the security and integrity of any e-discovery that vendors employed to collect or process the electronically stored information (ESI) in this case?

o What security standards or certifications are in place for each entity that will hold and process our ESI?

o If personal information is part of the collected ESI (such as customer loan applications, medical histories, academic records, performance evaluations, electronic mail content, etc.), how will privacy laws and regulations be satisfied?

• What is the level of e-discovery training that each attorney or staff member assigned to the case will have received?

o What steps are taken by the law firm to confirm the competency and experience of contract attorneys hired to review evidence for production and/or privilege?

o How will review instructions be developed and approved by the law firm?

o What supervision will be provided to assure review instructions are being performed?

• How will liability for risks in the improper review or production of ESI be allocated among the client, the law firm and the service providers?

o What technologies and tools will be employed to automate and document the review process? What experience does the law firm have in using those tools and managing their use by contract attorneys or e-discovery firms?

o What search logic, methodologies and review procedures will be employed to assure the functional accuracy and integrity with which the review tools are administered?

o If privileged content is involved, what are the procedures the law firm will employ to assure no unwanted disclosure occurs?

In most companies, in-house litigation counsel are also not responsible for negotiating technology licenses, outsourcing, data storage services or complex professional service agreements. But, from this point forward, the law firm engagement letter will require those skills to be applied. To do otherwise is to expose a company to the catastrophic potential that the outcome of a case will be measured, not by the merits, but by the quality of the contracts under which the law firm performed its services.

The Ritter Academy delivers authoritative, trusted training and practice tools to corporate law departments, IT professionals and records managers on e-discovery. Online, on-demand courses and lessons enable the entire corporate team to learn from one source, and acquire process maps and tools that place everyone visually on the same page. To learn more, visit the Ritter Academy.