The E-Discovery Playbook
The E-Discovery Playbook or Litigation Response Plan is a living document that is continuously modified to define an organization’s approach to the preservation, collection, processing, reviewing, and final disposition of data at the conclusion of a matter. It describes each step along the way; the roles and identity of each stakeholder; and the detailed consistent, repeatable, and defensible instructions for each step in the process. Preparing this document is itself a training exercise that uncovers unknown hazards that are now planned for and included in the Playbook.
The Playbook must address the different goals of the stakeholders representing IT, security and privacy, records, and HR. The Playbook is ultimately an organization’s resource serving as a reliable guide for when preservation is triggered.
Scope and Purpose
Communication is the overall theme of the Playbook. E-discovery has a language of its own and using a word or phrase incorrectly can result in different meanings being applied. Any litigator should agree that the misuse of a “term-of-art” could spell disaster during a trial. In e-discovery, when an individual unfamiliar with the interplay between e-discovery law and technology fails to navigate its treacherous waters, monetary sanctions, adverse inferences, and terminating sanctions are all potential outcomes.
The Playbook defines roles and brings people and processes from multiple disciplines together to achieve one consistent, defensible, and repeatable result. It sets expectations by documenting standard operating procedures and best practices. When done right, the Playbook will mitigate risk, create efficiency, and reduce costs.
- Prepares the organization to assess and understand its own technology and the information types created by that technology
- Provides stakeholders with insight into understanding any limitations and sets expectations for counsel and the court
- Provides needed information for the “meet and confer” and is a building block for a discussion on proportionality
The Playbook generally begins with the duty to preserve, but some may also include a pre-litigation and information governance process. When a potential trigger event occurs, the Playbook should provide a means to evaluate the event to determine if a duty to preserve exists.
Examples of Trigger Events:
- Catastrophic event
- Government subpoena
- Receiving a complaint
- Co-workers assume litigation is coming
Examples of Events that Require Further Evaluation:
- Demand letter from counsel
- Verbal statement from party or counsel
Those events that require further evaluation and fall short of reasonable anticipation of litigation may end the exercise or it may cause the event to undergo additional scrutiny over time. When the duty is triggered, the Playbook contains instructions on how to open a new matter, notify stakeholders, stop all auto-deletion practices, and issue the litigation hold. Playbooks should also contain guidance on how to interview custodians—individuals directly involved or individuals with knowledge of the matter to illicit the sources and systems that contain potentially relevant information. Preservation and collection instructions are contained in the Playbook and, depending on the specificity, there may be step-by-step instructions for certain systems, departments, or individuals.
Playbook appendices may also contain templates or drafts for certain documents including hold notices, reminders, chain of custody, collection and tracking logs, ESI specifications, etc.
Guidance should also be provided for the conclusion of the matter. All too often, data is left on servers that would have otherwise been destroyed under the retention policy. The final disposition of the data should be included within the Playbook. Every organization should know where its data is housed and when it will be deleted.
The Playbook should contain preservation and collection checklists that are customized to the organization’s systems. Certain systems have appropriate self-collection features while others require digital forensics intervention. The Playbook should identify these systems, the administrator for each, and best practices on how to collect. Details such as filtering by date only and not keyword may make sense for certain systems.
The Playbook should address in great detail how data is collected and handled throughout the process. When a third-party service provider is engaged or internal resources are leveraged, communication becomes more critical. Memorializing the expectations and responsibilities between the provider and the legal team is critical for a successful relationship.
Comprehensive Playbooks include a standard workflow and even a workflow to address specific recurring needs of the organization. This means workflows include processing specifications that detail default options pertaining to email threading, deduplication, time zone, custodian organization, default metadata fields, etc. Processes could even address default options for specific types of matters (i.e., the deduplication process for a government or internal investigation is potentially different from civil litigation).
Relevance is obviously case-specific and not included in the Playbook, but an organization maintains a significant amount of junk email that obstructs the relevant communications. A Playbook should therefore embrace this and other institutional knowledge and include default culling and filtering steps to remove that junk before lawyers see the data.
Default review configurations and coding panels are included, and many organizations include Continuous Active Learning (CAL) and Technology Assisted Review (TAR) protocols as standard workflows for certain matters.
The exercise to gather stakeholders and draft the Playbook is a significant step, and you should be congratulated for completing it. But implementation and training are key to ensuring this effort is successful. Each time the Playbook is referenced, a new opportunity is presented to monitor and measure the organization's response, address stakeholder input, and make process improvements as necessary.
Playbooks will become stale and should be periodically reevaluated, especially when changing or acquiring new technology.
The E-Discovery Playbook is a key resource for those organizations that find themselves constantly preserving and producing data. When followed, the Playbook provides a documented reference that is defensible and repeatable.