PART 2: Predictive coding faces the dreaded S curve, e-discovery goes back home .. and the cloud becomes SO important

Yes. The rapid maturation of cloud-based eDiscovery software has done much to change the calculation.

It used to be simple.  You had three options:

(1) pitch all eDiscovery work to vendors,

(2) invest a gazillion bucks in on-premise hardware and software to perform the work internally, or

(3) the infamous hybrid model: depending on the nature of the work, some of it is fielded internally and some outsourced to a vendor.

And we all heard the drill from vendors: “managed services” – the vendor provides the majority or all of the technology infrastructure, but also personnel who, in the best case scenario, serve as an extension of the firm’s full-time litigation support team (project managers, consultants, etc.). This is a boon for the managed services company, who can charge both for its complex, clunky technology and the highly-skilled labor needed to use it.

But then … BANG!  The cloud.  Which acts as a force multiplier. Efficiency and scalability are among its hallmarks. So, ideally, law firms and corporate counsel can “do more with less” (the current mantra) with the right cloud platform. Work that would otherwise have to be outsourced to vendors or managed service providers can be completed with internal resources at a fraction of the time and cost due to these platforms’ ability to automate, or eliminate entirely, many of the steps involved.

And a point mentioned (incessantly) at these corporate counsel events: while it is true that the incremental costs associated with data processing and search have come down significantly, the amount of data has risen exponentially so that e-discovery costs are still prohibitive.

And when I think of these cost challenges I cannot help but think of Craig Ball’s “EDna Challenge” last year, the profession-wide call to make “e-discovery for everyone” a reality.

BUT LET’S STEP BACK A BIT …

Writing blogs about emerging technology puts you at risk of becoming enamored with buzzwords. Cloud this, big data that. AI is taking over. So, where does this all lead? Is analytics where I should go? Is there a new bigger buzzword around the corner that overtakes all the others?

My belief is that these phenomena are all interwoven and working toward the same enabler: speed. One phrase repeated at conference after conference this year: “Speed is the new IP.” I will address that in Part 3 of this series.  But first …

The terms “SaaS” and “cloud” are thrown around a lot in this space. Cloud computing is an architecture. It’s not a technology. It’s not a delivery model the way most people infer it is. It’s not a browser-based solution. It’s a three-tiered architecture that divides between infrastructure, platform and software. It’s the three elements you use when you create an application:

•  the presentation layer
• the logic layer, and
• the underlying network and database

That is why not all “cloud” offerings are true cloud offerings. Many, such as RelativityOne’s cloud, are hosted (in other words, remotely available via servers you connect with via the Internet), but that’s not cloud. See the NIST report: cloud comes with elasticity, redundancy, etc. and gains much of its actual value not by virtue of being cheaper (although it can be), but by removal of IT management concerns, such as disaster recovery, provisioning, even security from internal operations to external experts – the vendor staff. All of this has significant value, but it isn’t something that is part of the conversation yet.

But a company like Logikcull does fit the description. Even cloud e-discovery providers like DISCO fall short by this description, specifically in their scalability. From what I understand, in order to get data into their “cloud” system, you have to send it to them, either via FTP or physical media. The ingestion/processing piece is not automated — and not native to the rest of their system.

Vendors will drive the change in this conversation as they seek to improve offerings and find points of differentiation as the cloud SaaS eDiscovery market becomes more crowded. In fact, that brings up a point that will reoccur as we consider the state of the eDiscovery software market. Core eDiscovery functionality does not offer much by way of differentiation. As the market expands, evolves, and matures, vendors will look to new avenues for differentiation. As Jim Duffy of Blue Hill Research (he has done a deep dive into the e-discovery cloud) has noted:

For some, that will be by finding new areas of functionality, not just in IG, but new workspace options-perhaps a tab that extends reach thru dispute resolution workflow. Others differentiate themselves by offering a convergence of services and technology. Others, in cloud.

At the same time, we’re also seeing different models from established vendors in response, such as Kroll Ontrack – not a classic SaaS strategy, but still playing with that new crop of creativity in delivery models.

So, ultimately, it won’t be a question of right or wrong. It will be about determining how a model aligns to your organization’s needs, supporting greater variety of project types. Duffy says you’ll be in “three places, three options”. Does your company need:

• complex, white glove operations with secret, secure on-premises hosting;
• an on-demand subscription model for low complexity, high volume, high frequency (think FOIA requests); or
• casual, self-service models where the organization selects options that fit, etc.

For me, one of the best cases I have seen … in both the U.S. and Europe … has been in data processing. I have been working with an in-house corporate law department in Europe that is looking at cloud options. In the “usual suspect” vendor world, raw data is collected by the law firm, then sent away to the vendor to be prepared for review. The processed data is then made accessible via a review platform to the firm, or sent back to the firm so that it can be loaded into its in-house review tool.

It’s a headache just to read that.

With a cloud platform, the firm may simply invite its client into its account and have it begin uploading data. Drag, drop, done. The data is automatically processed and made immediately accessible to the firm’s attorneys for analysis and review.  [ See my chart below under the “Security” section to see how this works ]

My position is that it is the responsibility of vendors to articulate the differences and the responsibility of buyers to understand how capabilities align to their needs for each use or case. Don’t fall under the spell of the buzzwords.  Do your homework.

SECURITY

This past January Inside Counsel published an article speculating as to whether e-discovery repositories pose an attractive target to cybercriminals and, given the often chaotic nature of discovery, whether the process itself presents a vulnerable point of data breach. As we would eventually learn later from news of Chinese hacks of document review rooms, the answer was a resounding “yes”. And last week at the Logikcull/ACEDS “Corporate eDiscovery and Cybersecurity User Group” it was a major topic of conversation.

And given the way data is transferred throughout the discovery process – from the client to its external providers (law firms, service vendors) and then, ultimately, to requesting parties (e.g. adversarial litigants) – all of these exchanges share a common source of risk: data is moving and, consequently, is at its most vulnerable. While some organizations have taken steps to address these risks, such as providing access to secure FTP portals or shipping data only on encrypted media, those measures only go so far. An equally problematic issue is the copying and share of data that has been removed from those secure channels. In the course of discovery, this happens all the time – think about how attorneys may email documents back and forth as a means to share notes and collaborate. And, finally, when a production is shared with requesting parties, that information becomes subject to the other side’s security protocols, whatever they happen to be (or not be).

It’s why cyber security experts who have examined the e-discovery process say the most secure e-discovery or legal intelligence platforms are the ones that eliminate the risk inherent to discovery by providing one central hub where all data is securely hosted and all channels in and out of the database are secure. When data is in the platform, it must be encrypted at rest. And when it is shared with opposing parties, it should be shared through encrypted channels – ideally a secure, permissions-based link whereby requesting parties can access that data remotely and instantly.

That is why the cloud offers that security. So long as it is in the architecture. Eric Palmer of FireEye told me you need to have in the architecture what he calls “a closed-loop hub.” This means that all data resides in one central repository, where all channels into and out of the platform are encrypted (i.e. when data is in motion) and all data inside the platform is encrypted at rest. Compare this to the traditional ediscovery model which I described above, where data is shipped or FTP from the client to the law firm to the vendor and back. The cloud architecture looks something like this:

When I met with Robert Groud of Microsoft to research this post he ran me through the key security elements that must be considered as an integral part of any SaaS application development and deployment process:

• SaaS deployment model
• Data security
• Network security
• Regulatory compliance
• Data segregation
• Availability
• Backup
• Identity management and sign-on process

But it is also important to consult the Legal Cloud Computing Association which released its Security Standards providing guidelines for cloud service providers to ensure adequate protection of client data stored in the cloud in a manner consistent with lawyers’ ethical obligations.

In my view the real e-discovery cloud battle will be between kCura (RelativityOne) and Logikcull.  Call it “The Battle of the Titans”. Or “Microsoft (kCura) vs Apple (Logikcull)”.  Clearly kCura had to up its game as it has faced the mounting competitive onslaught of Logikcull.

I had the opportunity to be a fly-on-the-wall when a U.S. client let me sit through two presentations, one by Logikcull and one by kCura/RelativityOne.  I also had the benefit of a kCura channel partner providing me some pricing information and a Q&A, with mirror disclosures by a Logikcull client.  The following information is based on those disclosures and the presentations I heard.

Data volume is always going to be a major pricing driver. Several points come out of the RelativityOne material:

• RelativityOne requires a minimum commitment of 0.5TB per year, measured by peak usage during the month.
• Assuming a data fee of $15/GB/month, that’s a minimum commitment of probably $90k/year (not including the user fees).
• Data fees include all data that lands in Relativity – regardless of whether it was processed or imported.

And an interesting statement:

Based on our research of the U.S. market – both through the consulting group we worked with and our own meetings with partners – we heard retail rates for hosting between $10 and $17 per GB per month. Of course, there are outliers. We have examples of rates as low as $3 and as high as $45. Also, the range is dependent on guaranteed volumes, whether or not the customer signs an agreement to host multiple matters over a year or longer versus only committing to host a single case, and the overall mix of services being provided in addition to hosting.

kCura seems to be adopting a “universal users” approach – all contracted on-premises users will have access to RelativityOne for no additional user fees. That’s a very good thing, a very good price point.

The material had an exact user price, but given it was dated (6 months ago) I must assume it has changed.  But I think one can assume the price per user could be comparable to today’s on-premise pricing. For comparison purposes, using a schedule from TechLaw Solutions, the on-premise pricing starts at $117/user/month for 25 users and goes down to $80/user/month for 1500 users (this is for an annual named user license with unlimited Relativity Analytics).

Also of note: there will be no processing fees in the RelativityOne program.

Some provisos:

• there seems to be a 3 year commitment for data fees coterminous with users
• Legal Hold and Collection will be separate add-ons at the same rate price as on-premises
• Each data fee is tied to a single geography – there are fees to expand
• This is still a partner play rather than a direct sales model
• Partners will be the only providers of on-demand, case-by-case hosting

One interesting monetary note:  “Certified Partners” receive 25% of the enterprise customer’s total license cost (users + data fees); to be a certified partner you must commit to 3TB of data in RelativityOne in year 1, at a price of $275k (40% discount off rate card). So that indicates a rate card price of $460k/year for 3TB, or $12.78/GB/month.

I have done some cold outreach to a few Relativity partners to validate this and get more details, especially around the user pricing. I may update this post accordingly.

As regards Logikcull pricing … a bit different.

Depending on who you ask or what you read, the balance of power dictating how discovery is performed, by whom, and at what price is either shifting back toward the corporation, or back to law firms and other legal service providers. For every survey showing mega-companies are conducting more discovery on their own, with internal tools and internal teams, there is another indicating that law firms, especially the very big ones, are investing more heavily in building their own discovery business units.

There is also an issue driving cloud not often discussed but that was certainly on display at LegalTech this year: as an e-discovery software program grows in size and complexity, the software can become a cruel maze. Jason Lanier has often written about it in his books and on his blog when discussing large-scale software as “feeling like a labyrinth … even the best software development groups periodically find themselves caught in a swarm of bugs and design conundrums”.

And let’s face it:  much of the “high tech” e-discovery software we use day-to-day in review rooms is deficient despite the sales pitch at such venues as LegalTech.   Last December in D.C., at a major law firm’s document review, we saw a “state-of-the-art” document review software “crash and burn” due to a myriad of tech failures … not scalable, suffering from “lock-in” (poor integration of different pieces of an enterprise software that do not function well together) coupled with poor supervision by the firm’s staff attorneys whereby the review was summarily dismissed while the law firm “rethought” its options.

We get reports on these tech burnouts on a regular basis via our contract attorney e-discovery membership who provide ongoing feedback on almost every document review platform. And it will get even more complicated as we move more and more toward unified information access platforms … let’s turn THAT into a LegalTech buzz word … which are platforms that integrate large volumes of unstructured, semi-structured, and structured information into a unified environment for processing, analysis, e-discovery and information governance.

I have heard RelativityOne disparaged as “eh, big deal. It’s an exact clone of their premium software, just plugged into Azures IaaS”. But their product is far better, far more than that. I am not sure what this means for kCura channel partners, but there is much, much more going on with their technology. I strongly advise you go to sites like Capterra and G2 Crowd, where you can find more than 160 verified user reviews. In fact, you can find a side-by-side comparison of Logikcull and Relativity here: https://www.g2crowd.com/compare/logikcull-vs-relativity.

One other important thing to point out is that Relativity and Logikcull tend to specialize in two different areas. While Relativity might be appropriate for huge cases (terabytes), it’s often overkill/too complex to time-and-cost-effective-deployment on smaller cases. Using Relativity on a 10 gig case is like shooting a fly with a bazooka. Logikcull, on the other hand, shines for organizations with high matter velocity and lower matter volume. (i.e. gigabytes, not terabytes). And what’s interesting to me is that this is the much bigger market. According to numerous corporate counsel surveys over the last year or so, 80% of all eDiscovery projects fall into the smaller, routine bucket. So a solution like Logikcull is among the only solutions that allows you to get through them quickly and affordably. That’s where the automation piece really comes into play.

Which is why when you do your homework and examine these solutions, find out how many critical processing steps are automated — yes, that again. Because the upshot is that by capturing and ensuring the integrity of the data fed to it and breaking that information out in a meaningful way, gives users a fuller picture of the evidentiary issues in the case and gives them deeper insight into individual pieces of data. This is increasingly important, as disputes are increasingly resolved through data. And more data. And even more data.