Reporter:  Christian Aust

Trilantic is a leading U.K.-based legal support provider that focuses on electronic discovery services.  They sponsored a double-panel for the International E-Discovery track at LegalTech.  The panels introduced and discussed EU data protection rules and their practical implementation, including how corporations must respond to U.S. litigation and regulatory matters involving data held in the EU.

The importance of understanding EU data privacy issues when embarking on electronic discovery outside of the U.S. cannot be understated. Litigation, regulatory and compliance matters often require rapid data collections, which if not done according to the rules, could result in breaking criminal laws. Corporate and law firm attorneys therefore must stay abreast of current laws and regulations governing that data to ensure it is handled properly throughout every step of the process. 

The panel was moderated by Nigel Murray, Managing Director of Trilantic.  Participants in the session panels included:

From the EU:  Senior Master Whitaker( Senior Master of the Supreme Court and committee member of the Hague Convention); Chris Dale (founder of the e-Disclosure Information Project ); and Vince Neicho (Litigation Support Manager, Allen & Overy) 

From the U.S. : Judge Andrew Peck (Magistrate Judge, Southern District of New York);  Browning Marean (partner, DLA Piper); George Rudoy (Director of Practice Support, Shearman & Sterling); Maura R. Grossman (Counsel, Wachtell, Lipton)

Part 1 

It is necessary for U.S. companies to understand the legal complexities of collecting, culling and reviewing data from multiple countries.  And it is a two step process:

The first step is to create and implement a solid litigation readiness and response plan.  When litigation hits, the second step is to harvest and process the data. 

What should organizations be doing?  In the US, the need for corporations to create and implement a solid litigation readiness plan is ever increasing due to both the sheer volume of litigation that corporations are facing and the costs associated with eDiscovery.  Outside the US though, this need may not necessarily be so acute.  For example within the EU outside of the UK, any litigation which a corporation is involved in that is to be heard by the local courts involves no discovery.  So, if there is no obligation to find and hand over documents, then why spend the cost of preparing for such an eventuality?

The exception to this though is when corporations are facing regulatory enquiries, whether these be under the Foreign Corrupt Practices Act, competition inquiries or other agencies. 

Historically, many corporations based in Europe have taken the view to “self-insure” – i.e. spending money in preparing for an unlikely eventuality is not viable and if such an eventuality was to hit them, then to accept that the associated costs are part of doing business.  This however is slowly starting to change as corporations are increasingly facing regulatory enquiries. So, European subsidiaries are having to adopt some of the processes and procedures being used in the US. 

The real first step for any organization is to have a document retention policy (for instance, determining what documents should be retained, for how long and where these documents should be stored, etc). Their document retention policy should also include the procedures for systematic destruction of documents. They should also have procedures to monitor and enforce compliance with these policies. 

The company then needs to establish a protocol for responding to requests for electronic documents. The protocol should encompass identifying potential sources for relevant information and preservation of this information. It should also address the methods for extracting the data, and identifying and reviewing relevant documents.

As part of this plan you need to choose whether you have the resources and wherewithal in-house to collect and process elements of the electronic discovery or whether you need a partner who can work with you in a highly collaborative approach to meet your needs, one which is locally based and who understands the local rules and regulations. 

Harvesting and processing the data.  Now, how is this done within the EU?  The European Union’s Data Protection Directive prevents companies sending personal data outside of the EU except when the destination country has been pre-approved as having adequate data protection. Only a handful of countries – Argentina, Canada, Switzerland, Guernsey, the Isle of Man and Jersey – have qualified as having adequate protection. 

Despite these European provisions to protect personal data and restrict the transfer and use of that data, U.S. courts have been largely unsympathetic to defendants facing these obstacles and have even sanctioned companies who have failed to comply with discovery requests that violated local and international data privacy laws. 

All countries of the EU have their own data protection acts however over the last year there have been two key realizations:  data is being collected wholesale and shipped to the US with total disregard to the individual country rules; and there needs to be a mechanism in place to ensure that court requests for documents can be met without compromising the fundamentals of the right to privacy of the individual.  There has been a lot of discussion as to how these conflicting requirements (US courts versus the rights of the individual) are going to be resolved.  

The panel noted there have been two recent announcements in this area: 

On 1 September 2009, Germany made some important amendments to their Federal Data Protection Act (The BDSG).  The most relevant amendment: data controllers who engage a third party to process data will be guilty of a regulatory offence punishable by a fine if the data processing agreement is incomplete in contravention of Section 11(2) of the BDSG (Section 43(1) No. 2b).  These new guidelines are more stringent than was the case before – when even the old ones were regarded as draconian by a lot of data controllers. 

On 19 August 2009, the French Data Protection Authority (CNIL) released a new “opinion” on the transfer of data from France to a country outside Europe.  The Opinion is noteworthy for describing how personal data can be transferred from France to the United States pursuant to U.S. discovery proceedings. 

So, until there is clarity what can corporations do?  There are 3 options: 

Option 1. The first method is for the corporation to adopt Binding Corporate Rules (BCR).  This involves a company submitting its data protection processes to a data protection watchdog and having them approved for use.  But the process is both lengthy and costly. 

Option 2.  A second method is to allow the transfer of data across borders under the “Safe Harbor” framework.  In order to bridge the different approaches to privacy between the US and the EU and to provide a streamlined means to allow US organizations to operate in Europe, the US Department of Commerce and the EU Commission developed a “safe harbor” framework which was approved by the EU in 2000. 

Not all of this sit easily because there a commonly held believe that because a company has Safe Harbo data can be collected wholesale from the EU and transferred to the US.  

Option 3.  A third method is to obtain a letter of request under the Hague Evidence Convention from a district court. The Hague Evidence Convention is a treaty that allows the transmission of evidence from one state to another under certain guidelines. Obtaining an approved letter of request permits the transfer and processing of data. However, this process can take 6-12 months, often rendering this solution inapplicable to e-discovery requests with strict court-appointed deadlines. 

Part 2 

There was more discussion on Safe Harbor, the Hague Convention and recent guidelines and rules within the EU and more of a to-and-fro amongst the panelists.  Maura Grossman opined that “compliance” is not possible; the aim can only be risk mitigation via a set of “unpalatable alternatives”:  And she suggested consent – simply ask the subjects of the data if it can be released.  But she also noted that consent is often not possible to obtain and is “inherently coercive” and is only practicable where the number of subjects is limited and the data is not co-mingled. 

Jumping in, Browning Marean noted that the consent must be: informed, given before the transfer of data, revocable.

The more problematic issues are those surrounding the Safe Harbor rramework.  Developed in 2000 by the U.S. Department of Commerce in consultation with the EU Commission as a streamlined approach for U.S. companies with frequent data transfers to comply with the EU’s 1998 data protection directive. 

Participation in the safe harbor is voluntary and requires self-certification by the participating company that it agrees to adhere to the rules.  Under those rules, the company must tell the custodian: what data, for what purpose the data will be used, to whom the information will be disclosed, etc. 

But there are limitations: currently it is only possible if the organization/company falls under the jurisdiction of the FTC.  And certain industries are not eligible (e.g. telecomm)

Also, Safe Harbor only permits transfer into the U.S. but not onward transfer to 3rd parties (even the DOJ or SEC).  However, an organization can get affirmation in writing from the receiving party that it will follow the same rules. 

As George Rudoy said, in reality Safe Harbor certification is not much use in the EU and is definitely not a “free pass”. 

The panel then turned its attention to the Hague Convention (or as it is “popularly” known “The Taking of Evidence Abroad in Civil or Commercial Matters, 18 March, 1970). 

Senior Master Whitaker said it is a multi-lateral treaty and there are two types of situations where requests for documents are made in the EU: 

1. Where the data are in the control of one party and there exist blocking statutes or data protection laws 

2. The data are not in control of one the parties but in the control of a 3rd party in the EU 

He said that he is responsible in the U.K. for dealing with requests under the convention.  In the past 2 years he has only had one request. Generally all requests are only for type #2 above.  And he commented “the Hague Convention is longwinded, a costly procedure that doesn’t always produce what you want”. 

There are two methods to get documents/evidence: 

Chapter 1 – Letters of Request: a request by the court where the action is pending to the designated “Central Authority” of the contracting state where the evidence is located. The “Central Authority” passes the request on to the appropriate body.  You must use the procedure of the requested state 

Chapter 2 – Taking of Evidence by Diplomatic Officers, Consular Agents or Commissioners 

Senior Master Whitaker’s experience, Chapter 2 is only used by mistake. In practice only Chapter 1 is used. 

Key issues/tips: 

1. Timing: the key to success is using an agent, e.g. a solicitor, to make the application for you and to do it early. 

2. Best thing to do is organize everything with the witness that is located in the EU. 

In many instances, the opponent will only make a fuss once the matter is with Senior Master Whitaker and then pay for the 3rd party’s legal counsel to contest the request. Purpose?  to bog you down. 

3. Key: make sure the documents are needed at trial — and not a U.S-type deposition! 

This is not about discovery/disclosure but to get documents you know they have.  When applying for documents, do not use “All documents relating to…” because this looks like a deposition request (fishing expedition). 

This may seem like a semantic argument, but it is necessary to specify exactly the documents you are seeking — if only by the time period, subject matter etc. 

Conclusion?  if you need to use the Hague Convention then do it quickly and early and cancel if you need to because the discovery period may close before it is processed. 

Judge Peck noted that a US District Court may order a party to provide a detailed description of documents in a deposition or interrogatory manner and then put that information into a Hague Convention request.  But nobody on the panel could recall having used the Hague Convention successfully­. 

Maura Grossman also discussed the use of  Binding Corporate Rules (BCR) mentioned in Part 1 which allows group of companies to transfer data amongst each other.  The downside: it requires the approval of all data protection authorities in all localities and no company has yet achieved approval in all countries.  But approximately 6 companies have implemented some form of this so far. 

And there is ad hoc adequacy which requires proof that data would receive the same level of protection as it would receive in its home jurisdiction.  Example: Hong Kong data, hosted in U.K., reviewed in India.  To ensure protection, the data is batched to reduce risk.  Each reviewer receives two batches (a main one and a “spare”) and batches had to be returned before new ones were issued. 

European Data Protection Working Party paper 158 (adopted February 2009) contains suggestions for data controllers subject to EU law and has two parts:  (1) comparison of common and civil law jurisdictions and (2) practical steps and guidelines.   In general, data may only be stored and processed for specific, anticipated litigation.  In addition there must be a legitimate reason for processing the data and a legitimate reason for transfer. 

Concluding remarks by the panel:

-  consent  is not a good basis because it’s not unequivocal, etc.

-  it is always a balancing test between the custodian and requester 

-  involve the data protection authorities as early as possible

-  “notice” is critically important  

-   use Rule 30(b)(6) depositions as these are often more successful

-  also refer to Mancia v. Mayflower case by Judge Grimm which is an excellent overview of the federal rules and other law that require a cooperative approach to discovery. The opinion establishes a solid legal foundation for the new Sedona Conference Cooperation Proclamation.   The Mayflower opinion shows that far from being a Utopian ideal, the cooperative approach to discovery promoted by Sedona is already mandated by the law.

-   Murray noted that in-country review is best as has been borne out by the spike in e-discovery work and document review across Europe. 

-  Vince Neicho suggested that parties should “think about other sources for the same data.  The data may already be here!”

-   Judge Peck noted that with the exception of the Hague Convention it is very difficult to comply with both U.S. disclosure rules and EU protections.  You must do risk analysis.  And cooperation among counsel from both sides is crucial. 

-  Maura Grossman suggested reference to the Working Group 6 publication Framework for Analysis of Cross-Border Discovery Conflicts     

The panel concluded by saying that It is clear that the current approaches to cross-border e-discovery each have their challenges in light of the vague and perilous data privacy landscape. As a result, corporations are having to look at alternative ways of meeting the conflicting requirements of the courts and the EU rules.  The first step is to collect, process, search, cull-down, and review data in country. This dramatically reduces the size of the dataset, allowing local counsel to quickly remove irrelevant documents and focus on the relevant data and custodians involved.

12 November 2009

The presentation was titled Information Everywhere: Understanding New Technologies and Coping With New Problems and was presented by Judge James Francis (U.S. Magistrate Judge in the Southern District of New York), Anne Kershaw (founder of A. Kershaw, P.C.), Thomas Morrissey (responsible for the development and implementation of technology supporting the Office of the General Counsel at Purdue Pharma) and George Rudoy (Director of Global Practice Technology & Information Services at Shearman & Sterling LLP).

They covered virtualization, unified communications and cloud computing.  First up:  unified communications.

Unified communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, IP telephony, video conferencing, call control and speech recognition with non real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax).

More and more corporations are moving to UC and it will present/is presenting enormous e-discovery nightmares.  First, some basics:

UC is not a single product, but a set of products that provides a consistent unified user interface and user experience across multiple devices and media types.  UC refers to a trend to offer “business process integration” which means (basically) a process to simplify and integrate all forms of communications in a company to optimize business processes, and manage flows.

So, for discovery, you have EVERYTHING in one place.  It kind of … kind of … makes search easier.  You have the whole story in one spot.  Or as Anne Kershaw said it is like the old days when you went to the file cabinet and went through the correspondence in a file and you said “oh, I see, he wrote this, then she wrote that, and he said this …”

UC allows an individual to send a message on one medium and receive on another. It makes it possible to easily transfer any activity or message to another medium. For example, one can receive a voice mail message and choose to access it through email or a cell phone. If the sender is online according to the presence information and currently accepts calls, the response can be sent immediately through text chat or video call.

The difference between unified communications and unified messaging is this:  unified communications refers to both real-time and non-realtime delivery of communications, where unified messaging systems culls messages from non-realtime sources.

For business, UC it is a no brainer:  it represents a concept where multiple modes of business communications can be seamlessly integrated.  UC integrates all the systems that an employee might already be using and helps those systems work together in real time. For example, unified communications technology could allow a user to seamlessly collaborate with another person on a project, even if the two users are in separate locations. The user could quickly locate the necessary person by accessing an interactive directory, engage in a text messaging session, and then escalate the session to a voice call, or even a video call – all within minutes. In another example, an employee receives a call from a customer who wants answers. Unified communications could enable that worker to access a real-time list of available expert colleagues, then make a call that would reach the necessary person, enabling the employee to answer the customer faster, and eliminating rounds of back-and-forth emails and phone-tag.

Note: the panel provided a video from Microsoft (not to sell Microsoft but to show how this all works) and you can access these videos by clicking here.

However … the e-discovery concerns.  And will the e-discovery concerns slow adoption as companies learn that the move away from traditional phone service includes the conversion of voice mails into e-mail in the form of wave (audio) files.

In the event of litigation, they are discoverable in either case, but in electronic form these audio files must be converted to text because wave files are difficult to search because as audio files there is no actual text information to pull out the document during a search.

Failing a completely accurate technology option, the best protection is a sound business process for the handling of voice mails in any form. All the panel recommended handling voice mails on wave files as part of a company’s document retention (and deletion) policy.

And … like any document, voice mails can provide the smoking gun that determines the outcome of a lawsuit.

The panel did not believe there was an increased legal risk by going to unified communications (companies are storing more voice mail as a result of the conversion to unified communications) but since traditional voice mail already is discoverable, converting voice mail to electronic form makes files more accessible to more people.  And it also makes them easier to store and move around, if not search.

But it triggers issues surrounding legal holds and the “duty to preserve” since these concepts/principles applies to all relevant existing or subsequently created data.  As one panelist said, upon issuance of a litigation hold notice or on receipt of a discovery request a company would have to suspend its retention policy and halt destruction of potentially all voice messages on the voicemail server.  Each message would have to be reviewed for a relevance determination.  Prohibitively time consuming and expensive.  Maybe the relevance of the message may be identifiable based on the context of the metadata regarding the sender, recipient and date/time received? 

A complex, complex area.   But regardless of the digital technology, it all must be integrated in a data retention/deletion policy.

Bottom line:  unified communications promises to pave the way for more collaborative business practices and greater productivity, but it also means the general counsel and his/her ESI manager have another set of issues.  Because while while real time communications like IM, VolP, web and audio conferencing make business workflow easier it also brings inherent risks including security, compliance and e-discovery.

A Review of Day 2 of the ILSLC (Part 1)

As we said in our coverage of Day 1 of the ILSLC (click here) the focus of almost all of the speakers during this conference was:  the fundamental problem facing the legal profession today is the search for truth and justice in a digital world.  A world where the complexity and volume of electronic information is overwhelming.

But the speakers and the seminars did not leave us in the lurch.  The conference presenters provided concrete suggestions, the central theme of each seminar being “We want you to leave with one, two, three or more actionable items you can implement tomorrow to help manage/solve your e-discovery issues and problems”.

And it was a difficult task because the audience was composed of e-discovery professionals from law firms, corporations and e-discovery vendors, each group with different needs.  But the speakers did just that:  provided suggestions/guidelines for managing the litigation/e-discovery process across the enterprise and/or law firm and/or service provider.  

It was made “easy” because all the e-discovery industry “pros” were there (click on a name to learn more about the person):   Craig Ball, the leading expert e-discovery consultant and computer forensic expert;  Albert Buckwalter, editor of Litigation Support Today magazine and organizer of the conference;  Julie Brown, Litigation Technology Manager at Vorys, Sater Seymour and Pease; Brett Burney, Principal of Burney Consultants; Kevin Carr, President of InterLegis;  David Kessler, partner with Drinker Biddle & Reath; Laura Kibbe, Senior Vice President of Epiq Systems; Ralph Losey, partner in Akerman Senterfitt; Mary Mack,  Corporate Technology Counsel for Fios Inc.; Browning Marean, partner in DLA Piper; Bruce Markowitz, Director of Litigation Support at McKenna Long & Aldridge; Mark Mayerson, partner at Spriggs & Hollingsworth; Mary Pat Poteet,  Director of Litigation Support at DLA Piper; George Rudoy, Director, Global Practice Technology & Information at Shearman & Sterling; Alison Silverstein, Managing Director with UHY Advisors FLVS; and George Socha, President of Socha Consulting and developer of the Electronic Discovery Reference Model.

And the event covered all the issues involving foreign language components of e-discovery and European and Asia e-discovery issues with experts like Lillian Clementi, Managing Principal of Lingua Legal; Todd Haley, Vice President of E-Discovery at ePIC; Conrad Jacoby, founder of efficientEDD; Scott Merrick, International Marketing Director of LDM Global; Nigel Murray, Managing Director of Trilantic; and John Tredennick, CEO of Catalyst.

And on the litigation support/e-discovery employment side we had David Cowen of The Cowen Group;  Ari Kaplan of Ari Kaplan Advisors; Patricia Lucas, Records/Litigation Support Manager at Patton Boggs; Shimmy Messing,  partner at Responsive Data; Margaret Morton, Practice Support Coordinator at Morrison & Foerster; Rebecca Prince, Litigation Technology Manager at McDermott Will & Emery; and Josh Sacks, Managing Director of Peak Litigation.

So, those are the introductions.    What did they say?  Well, much was covered, with some seminars overlapping.   We tried to cover as many of the events we could.  Rather than review seminar-by-seminar we’ll summarize what we learned over the two days, the material covered and present a series of bullet points. 

Herein, Part 1 which will cover major points on managing the e-discovery process:

POINTS MADE ON MANAGING E-DISCOVERY

*  Managing electronically stored information (ESI) is an enterprise-wide activity that requires uniform records management policies and the technology infrastructure to automate and enforce them.  It is imperative because the cost and risk of failure to do so is enormous.  The first step in meeting the Federal Rules of Civil Procedure (FRCP) and subsequent Federal Rules of Evidence (FRE) changes is for senior management, including general counsel, to become actively involved in setting ESI management priorities, launching ESI initiatives and funding those initiatives. ESI is spread throughout the enterprise and any of it could be relevant in a legal matter. The starting point for most organizations trying to gain control over e-discovery is existing litigation.  Selecting a system where data aggregation is efficient is important to a successful strategy.  The next step might be to identify those functional areas that are likely to contain the greatest volume of information relevant to certain types of litigation.  Human resources, for example, typically stores a lot of ESI that may be relevant in wrongful termination law suits.  Likewise, product manufacturing documents such as standard operating procedures are of great interest to during product liability litigation. Tape backup and email archives are also rich sources of ESI for litigation. These areas are the  “low hanging fruit” to address when launching an ESI initiative that is driven by e-discovery pressures.

* If you were able to attend and link all the seminars, and read all the handouts, you got a nice review of the FRCP and FRE:

   FRPC Rule 16(b)- scheduling order.  With the new emphasis on ESI, the court moves discussions of e-discovery issues to the forefront. Likely topics would be the breadth of disclosure, time to produce and claims of privilege after production, as noted in Federal Rule of Evidence (FRE) 502.

    FRCP Rule 26(a)- initial disclosure.   The court and the requesting party will want to know the nature of your ESI systems and what procedures you have in place for searching, locating and retrieving documents. For example, the requesting party might ask what your enterprise-wide document retention policies are, so it is best if those retention policies already in place.

     FRCP Rule 26(f)- quick peek risks.   If you cannot demonstrate that your ESI policies will yield satisfactory results during discovery, the court may demand a “quick peek”,  a sample of documents to help resolve initial e-discovery questions. Without a comprehensive ESI strategy in place, the -quick peek‖ raises a variety of issues such as: What are the implications regarding privileged designations? How large is the sample and how is it chosen? What standards are used to evaluate the results of a quick peek? 

    FRCP Rule 26(f) – preservation.   The court will have to strike a reasonable balance between the duty to preserve and the realities of dynamic computer systems – the contents of which change daily – that may contain multiple copies of many documents. 

     FRCP Rule 34(b) – forms of production.  ESI applications often use proprietary data formats, and without the proper software application, the information it contains can be useless.  This raises the question:  in what form should ESI be produced?

      FRCP Rule 26(b)(5) and FRE 502 – clawback.   The Amended Rules and subsequent FRE 502 provide some post-production protection for information erroneously produced though privileged, but there are some requirements to be met.  Failure to meet these may waive the privilege or protection. This puts the burden on corporate counsel to define standard clawback processes, and discuss them early-and to recognize quickly when inadvertently produced privilege material has been produced.

      FRCP Rule 37(f) – safe harbor. The rules allow safe harbor protection against loss of data from computer systems operations operated in good faith. But good faith operation of an information system requires an information management policy that is regularly followed. Without such a plan, the court may require computer systems to be shut down in order to prevent destruction.

*  One point raised time after time was that you must have a centralized, multi-matter review platform.  A centralized review platform enables corporations to apply the principles of process efficiency to every stage of discovery -making e-Discovery a defensible, repeatable business process. A repeatable business process is reasonable and defensible, which is what companies need in order to be compliant with FRCP guidelines.

* Litigation holds.   A “litigation hold” is a suspension of a company’s document retention/destruction policies for those documents that may be relevant to a lawsuit that has been actually filed, or even one that is “reasonably anticipated.”  A “litigation hold” ensures that relevant data is not destroyed and that key employees are notified of document preservation requirements. Even informal procedures for managing print or electronic documents, such as recycling e-mail backup tapes, must change when a company is sued, or even threatened with suit.  When does the duty to preserve arise and what does it cover?   The duty to preserve arises, in general, when a party is alerted that certain information is likely to be sought in discovery. This may occur, for example, upon receipt of a complaint, upon receipt of a demand letter; or upon receipt of a “preservation letter” expressly requesting that certain documents be preserved.   Generally, all information relevant to the claims or defenses of any party in a lawsuit or which is relevant to the subject matter involved is covered, including print or electronic copies of documents, copies in a document storage system, on computer hard drives, or on e-mail backup tapes. It also covers documents in existence at the time the duty to preserve arose, and those created after the duty to preserve arises.

There was much discussion on two recent cases that provided clarity … and also provided “foggity”.  These are the Phillip M. Adams case and the Mancia case.  We can’t summarize all the points made — this is a difficult area — but we learned there are three vendors who provide software to assist in preservation of the litigation hold: Autonomy, Exterro and Atlas Suite from PSS Systems.

And as far as learning/knowing about litigation holds all of the speakers highly recommended The Sedona Conference paper on the subject which is discussed in the DLA Piper White Paper on litigation holds which you can access here.

* Optimizing the document review.   We heard throughout the conference that the actual document review process is 65-70% of the total cost of the ESI collection/processing management function.  We heard about all types of software (we will cover the vendor software demonstrations in Part 3) and heard about the linear review, clustering and visual analytics, as well as a great way to “test” review software:  try to use it without training.  Is it intuitive?  Do you need training?

The document review process was broken down into several steps/functions:

• Data acquisition planning
• Forensics acquisition of the data
• ESI processing
• Document review strategizing
• Matching repository review technology to cases

There was also discussion about the various reporting capabilities/metrix analysis available to track the progress of a review.  It was suggested that such a tool be separate from the actual review software, to be an “objective” analysis outside of the actual review tool.  One of the best on the market is said to be Peak Review Metrics from Peak Discovery.

Coming next:

Part 2:  things to consider in foreign language reviews, and e-discovery across the seas — and jobs

Part 3:  a review of the vendors