Iron Mountain Moves Into E-Discovery, Acquiring Stratify

After months of rumors that Iron Mountain was going to do “something”, the grandfather of records management announced today that it is acquiring Stratify for $158 million in cash. My best guess is that Stratify will do about $30 million in bookings this year, making the purchase price about 5X revenue – a pretty good multiple for a services business with gross margins of 50-60%.

Iron Mountain’s motivations are not hard to guess. It stores oodles of electronic data for large corporate clients. Whenever those clients have a case, they retrieve a subset of that data and send it off to a service provider like Stratify for processing. Through this acquisition, Iron Mountain now has a chance to up-sell its customers on Stratify and capture that service provider revenue for itself. This will be compelling to customers if (and this is a big “if”) Iron Mountain is able to integrate Stratify with its archive, making it easy to pass data from one to the other. As one Iron Mountain customer at a major Wall Street bank told me, “Iron Mountain is great about getting data in; it’s awful when you want to get data out.” If Stratify can help solve that problem, even if it’s only in the case of litigation, then every Iron Mountain customer will cheer.

Given the obvious potential of this deal to Iron Mountain, the question is less about why they would want to acquire a service provider in general, and more about why Stratify in particular. E-discovery services is a large, fragmented market, and there is no shortage of players to choose from. That said, I think they found Stratify a compelling target for 3 reasons:

• Good Technology: Unlike many service providers, Stratify (or Purple Yogi, as it was originally called) started life as a product company. It went through several incarnations: starting out in 2000 to “personalize the internet” for consumers, it soon moved on to knowledge management for corporations, before finally settling on e-discovery services for law firms. To fund all this, it raised over $30 million in venture capital and invested a good chunk of that in product development. The result is a sophisticated product that goes far beyond the review platforms that most other service providers have built.
• Right Size: Many acquirers like companies in that $20-30 million in revenue range. On the one hand, they are big enough to provide a solid platform for growth; on the other, they are small enough to be affordable. When Iron Mountain analyzed the market, it will have found the vast majority of targets either too big or too small, leaving it with only a handful of players to consider, like Stratify, Cataphora and H5.
• Willing Seller: It is no secret that Stratify’s largest shareholder, the venture capital firm Softbank, is winding down and was looking to sell its stake in the company. That, together with the inevitable fatigue that sets in after 7 years of slugging it out, most likely made Stratify a willing seller.

So, on paper, this is a good deal for both sides. Stratify gets a decent return for many years of work; Iron Mountain gets the chance to capture more revenue from its customer base. My congratulations to the Stratify team – I have huge respect for entrepreneurs who weather the dark days, re-invent their company, and lead it to a successful outcome. I wish them well on their new adventure.

“Web Services” For E-Discovery

Prior to working in e-discovery, I (Aaref) always thought standards bodies were a waste of time – or, at least, nothing more than an excuse for free travel to exotic locations. But George Socha and Tom Gelbmann’s EDRM project has changed my mind. In the second of a series of posts, our e-discovery guru – Kurt Leafstrand – explains one of many ways in which EDRM will have a big impact on e-discovery in the years to come:

Last week, I once again had the pleasure of participating in the (now biannual) EDRM conference in St. Paul, Minnesota. For those unfamiliar with it, EDRM is a fantastic collaboration between e-discovery software vendors, service providers, and consumers committed to addressing practical problems associated with e-discovery.

Looking back on both formal sessions and informal conversations with many participants, the one key theme that came across loud and clear is that the days of traditional, "throw-it-over-the-wall" (TIOTW) e-discovery are numbered.

I am sure you're familiar with the TIOTW approach, that endearing process whereby an enterprise gathers up a muddle of electronic data in all shapes and sizes, ties it up in a big bundle, rolls it in bubble wrap, and catapults it into the waiting arms of a service provider. They unwrap it, chant some incantations and perform other black magic for a few days (or it is weeks?) and throw a bundle back over the wall to their corporate client. In-house counsel takes a look and promptly realizes that the search terms she thought were sure things were completely off the mark, and that she missed a couple of custodians, and then... well, it's back over the wall again.

What’s going to tear the wall down? The EDRM XML schema, the first version of which is unveiled today by Clearwell and a large group of other vendors and customers. This will have the same impact on e-discovery as web services have had on e-commerce, enabling systems to pass data to one another over the internet, just as Travelocity passes information to American Airlines when you use it to make a reservation online.

What difference will this make? Well, I boil it down to 3 main things:

1. Litigation risk will decline as early case assessment finally becomes a reality in the enterprise—making it feasible to process, analyze, and do first-pass review of documents in-house, and then transfer those documents and tags to service providers and outside counsel without having to start from scratch.
2. E-discovery timeframes will shorten as enterprises become able to craft comprehensive e-discovery strategies more easily by executing and refining searches closer to the source of the data, and eliminate time-consuming back-and-forth exchanges between enterprises and service providers. And that’s a good thing, with the new FRCP (and coming soon, state rules!) pressure.
3. E-discovery manageability will improve as enterprise-based e-discovery systems are able to integrate seamlessly with downstream litigation management systems. Previously, you were forced to either channel data into a complex external litigation management system too early -- making it difficult for internal counsel and other constituents to have access to the documents -- or pay for costly and time-consuming custom data conversions to migrate data between document "silos."

What to do with all of those unused CDs gathering dust in your office? I've heard they make great coasters…

If You Think E-Discovery Does Not Matter, Think Again

In my experience, e-discovery does not make the radar screen of most corporate General Counsels (GCs). Typically, it is one many issues left to others (e.g., Chief of Litigation, Director of Litigation Support) within the GC’s group. That may change after the recent verdict in the case of Broadcom vs. Qualcomm.

See below for the story, as told by Corporate Counsel in their October issue, with additional commentary from me [added in brackets]:

Collateral Damage

After a string of punishing legal defeats, Qualcomm Incorporated has switched general counsel. On August 13 the company announced that Carol Lam would replace Louis Lupin as its legal chief [Sounds like he got fired]. The move came a week after a federal judge issued a scorching order accusing Qualcomm and its outside lawyers of “gross litigation misconduct.” [Sounds like a pretty good reason why he got fired]

Emily Kilpatrick, Qualcomm’s director of corporate communications, says Lupin is leaving for personal reasons [Isn’t that what they always say?]. “He has been an outstanding leader and contributor to Qualcomm’s success over the past 12 years,” according to Kilpatrick. “However, he has decided to step down as general counsel and take a personal leave.” [a decision most likely made at the request of his boss]

Lam, who was hired in February to supervise Qualcomm’s worldwide litigation, will take over as interim GC, according to a company statement. Lam is one of the U.S. Attorneys fired by the U.S. Department of Justice this past winter. [oh, the irony…]

Based in San Diego, Qualcomm licenses semiconductor technology and system software to cell phone makers. For several years it’s been engaged in a pitched battle with rival Broadcom Corporation over who has infringed whose patents.

Qualcomm’s biggest problems have come in a case in San Diego federal district court. In January a jury ruled that the company had violated Broadcom’s patents. But even before the verdict, Qualcomm suffered a major setback as the trial drew to a close. One of the company’s witnesses revealed the existence of email that Broadcom said should have been produced during discovery. [Yet again, email is the smoking gun]

In April general counsel Lupin and one of Qualcomm’s outside attorneys sent letters of apology to the court, saying they failed to do a detailed enough keyword search of the company’s email. [No big deal, right? After all, we are saying sorry]

But that wasn’t enough for Judge Rudi Brewster, who has been hearing the San Diego case. On August 6 he issued a blistering 54-page ruling. He accused Qualcomm not only of failing to turn over more than 200,000 pages of relevant email and electronic documents during discovery, [i.e., this is a case of a deeply flawed e-discovery process, not of a simple missing email] but of engaging in a years-long campaign to deliberately mislead a technological standards body. Brewster ordered Qualcomm to pay Broadcomm’s litigation costs, and voided two of its patents. (David Rosmann, vice president of intellectual property litigation at Broadcom, estimates that its fees could be around $10 million). [The legal costs alone are several times what it would have cost Qualcomm to purchase an e-discovery solution and avoid this whole situation in the first place]

In a statement, Qualcomm said it “respectfully disagrees” with Brewster’s ruling and intends to appeal. “Qualcomm acknowledges the seriousness of the court’s findings and reiterates its previous apology to the court for the errors made during discovery and for the inaccurate testimony of certain of its witnesses,” the statement read. [We said sorry, isn’t that enough for you guys?]

The company’s problems aren’t over, however. Federal magistrate judge Barbara Major is now considering whether to levy sanctions against Qualcomm’s attorneys. [Don’t think you can hide behind your deep-pocketed employer. If you screw up e-discovery, it will be your neck on the line] Major has given “any and all…attorneys who signed discovery responses, signed pleadings and pretrial motions, and/or appeared at trial on behalf of Qualcomm” until September 21 to file a statement explaining why they shouldn’t be penalized. [For the lawyers in question, it’s guilty unless their arguments convince the judge they are innocent]

Data Retention Policies For E-Discovery: More Of A “Red Herring” Than A “Hot Potato”

For those in regulated industries like financial services, where data retention policies are mandated, every keystroke is tracked and every phone call recorded, the question of how long you should keep data is moot: you keep it for as long as regulations demand.

But for the rest of us in manufacturing, media, technology, government, and elsewhere, it remains an open question. The answer to “what should our email and document retention policy be?” is often a political hot potato, pitting legal and IT’s goal of lower costs against the broader population’s desire to hang on to all their email, just in case they need it later. In fact, the only thing harder than agreeing a retention policy is enforcing it afterwards, as corporate users habitually keep more data than allowed, unless physically prevented from doing so.

The reason this matters is that many people believe creating a data retention policy is a key part of implementing an e-discovery solution. I too used to think this way, viewing retention-policy-creation as a necessary rite of passage for legal, IT, and information security people who want to lower e-discovery costs. After all, if the #1 cause of higher e-discovery costs is too much data, then a policy reducing the amount of data looks like a low cost, no-brainer solution.

But life just does not work that way. Outside of the command-and-control environment of regulated industries, retention policies simply do not work. You cannot fight human nature and force people to delete information they want to keep – especially when Gmail, Yahoo Mail, Hotmail and others are training them to do precisely the opposite (i.e., never delete, keep everything) in their personal email accounts.

So, I have changed my mind: to anyone engaged in implementing an e-discovery solution in a non-regulated industry, I say: forget data retention policies, it is a red herring. Too much data is a fact of life that will only get worse. You can no more get people to delete email and documents than you can stop someone writing them in the first place. Instead, focus on the battle you can win by putting in an e-discovery solution that enables you to do two things:

1. Collect data efficiently, so that you have a reliable (defensible) way of getting the data you need. Implementing an email archive from HP, Symantec or others is a great way of approaching this, as is leveraging forensics tools from Guidance or Access Data.

2. Analyze the data up front, so that you can cull it down to only those documents relevant to the case before a human being has to review them. Clearwell’s e-discovery solution is one approach which has worked for a large number of enterprises.

If your experiences, or conclusions, differ from mine, then feel free to post a comment. I am particularly interested to hear about successful examples of data retention policies at non-regulated companies, since I have yet to see one.

Now, That's Customer Feedback

To the long list of reasons why e-discovery companies should be good to their customers, we can now add one more: because if you don't, they might blog about you and say nasty things. That's what has happened to Metalincs on this blog which carries the intriguing description of "legal software whistle-blower" in its web page address.

I have no idea who this person is, but their comments about Clearwell's e-discovery solution are well-informed and accurate.

E-Discovery Trends Take Center Stage at ILTA

This is the first of several guest posts from Kurt Leafstrand, formerly a rocket scientist at MIT and now an e-discovery guru at Clearwell. Kurt was on vacation last week, but couldn't resist spending part of it at an important gathering in Florida. His report:

Last week, 3,000 of the country's top legal technologists gathered in Orlando for the 2007 International Legal Technology Association (ILTA) conference. Lawyers will always be lawyers, so the hotel staff seemed particularly diligent as they secured the electrical cords to the floor of the exhibit hall, and the Starbucks seemed a bit on the cool side. However, the discussions and technology were far from cold, and the show was a great chance to learn from some of the industry's leading practitioners from both corporations and law firms.

E-discovery was the focus of many of the conversations, and several emerging trends were at the forefront:

Courts are taking a more active role in e-discovery: With the changes to rule 26(f) in the FRCP, parties are required to confer early (and agree on!) e-discovery. This has pushed the courts to start issuing guidelines to help remove some of the ambiguity from this process and to help parties reach a faster consensus. In one session, Browning Marean of DLA Piper highlighted as "best thinking" a protocol from the Maryland District Court, which included:

• Defining minimum standards for the kind of information to be exchanged
• Recommending that each party have an ESI coordinator (this may lead to IT/legal tech being brought into the meet and confer process)
• Setting defaults to be applied if parties can't agree

One panelist pointed out that, in spite of all this, "the average litigator is woefully unprepared for the e-discovery aspects of the rule 26(f) conference." With the courts showing early aggressiveness in ensuring that the FRCP changes are actually put into practice, it appears that the already intensive focus on ESI will only increase, so firms and corporations need to get their acts together quickly.

Discovery battles are taking center stage: In what many see as a worrisome trend, e-discovery battles are increasingly common and focus "not on the case and its merits, but on spoliation and sanctions." Because of the error-prone nature of most e-discovery efforts, it often pays to look for "little slips... did some executive accidentally delete his email? Was there a failure to produce?" One astute participant commented that the "interest in sanctions is because electronic data is so treacherous. It's much easier to get it wrong than right."

Two current e-discovery "train wrecks" serve to highlight this:

• Intel/AMD: Despite elaborate and costly efforts to comply with preservation orders across 100,000 employees dispersed around the world, Intel found itself having to advise the court of "document retention lapses that have occurred...after the filing of complaint."
• Qualcomm/Broadcom: The attorneys who represented Qualcomm in its unsuccessful patent lawsuit against Broadcom found themselves summoned before the court to show cause as to why sanctions shouldn’t be imposed for their failure to produce documents pertinent to the case: approximately 230,000 pages of documents, actually.

How do corporations and firms better manage their risk in light of these trends? One panel of senior partners suggested that parties need to work smarter, not harder, when it comes to e-discovery, and understand that the state of the art is moving toward a highly iterative e-discovery process. In most initial e-discovery requests today, “the signal-to-noise ratio is such that search results are often meaningless.” This new approach will need to be “negotiated throughout the e-discovery process,” but is going to becoming increasingly critical for both sides of the case to work together on in order to assure that they don’t find themselves in the same (costly) boat as Intel and Qualcomm. This trend was especially relevant to ILTA attendees, because the only way to make this iterative process work is through their active participation, assisted by the next generation of e-discovery 2.0 technologies.

E-Discovery Is Taking Off – And Investors Know It

Regular readers will know this blog is about e-discovery and not about my company, Clearwell. That said, every now and then, the two intersect and it makes sense to write explicitly about Clearwell, since our experience speaks to broader market trends.

That’s the case today, with Clearwell’s announcement of 2 significant milestones. First, the company has crossed the threshold of 100 customers using the product to lower their e-discovery costs. Since the technology bubble burst in 2000, I have been involved with several early stage companies that have brought new products to market, either as founder, CEO, investor, or advisor. All have capable teams; some attacked huge markets; none have seen the rapid customer adoption that we have experienced at Clearwell. Nor were they able, as Clearwell has done, to so quickly break into top tier accounts such as BP, Boeing, Cisco, Del Monte and a host of other household names which I am not at liberty to mention.

The second milestone is that Clearwell has closed its third round of funding for $17M. This is a larger amount than planned, and it happened much more quickly than I anticipated. It was driven by the simple investment philosophy that has powered large investments elsewhere: find a large, growing market and pick the winner, as it will likely be worth more than all the others put together.

I see both milestones as significant for the broader e-discovery space. The fact that a company can introduce a product and, a little over a year later, have over 100 customers using it, says that there is huge latent demand. Clearly, everyone from small hedge funds to mid-sized insurance companies to large departments of the federal government desperately want to lower their e-discovery costs. If history is any guide, this untapped demand will be recognized by a large number of existing players who will all repurpose their existing products towards e-discovery. But, again looking at similar phenomena play out in other markets, the space will likely be won by a “pure-play” vendor unencumbered by the baggage of a legacy business. The investment community recognizes this and is increasingly willing to open its check book in the hope of backing that winner.

No doubt, other young companies will raise money to attack the e-discovery opportunity, and other existing players will continue to dress up their generic search or storage solutions in e-discovery clothing. But over the next 12-24 months, a leader will emerge from the pack and will grow into a significant, standalone company – and the others will either sell for whatever they can get, or try to find a different application for their technology.

Stock Option Back-Dating, Corporate Investigations, And the Remarkable Reyes Verdict

I don’t know if it’s just in Silicon Valley that the Greg Reyes case has received broad coverage. Wherever you are, it’s worth taking note because this is quite a remarkable verdict. Mr. Reyes, the former CEO of Brocade, was convicted of 10 charges connected to stock option backdating and now faces up to 20 years in prison and millions of dollars in fines. All this despite the fact that:

• Mr. Reyes did not personally profit from his actions, since it was only other people’s options that he was back-dating;
  
  
• There were no “smoking-gun” emails or any clear evidence that he knew he was breaking the law, which is key to overcoming the (plausible) defense that he was just doing what the accountants and lawyers told him he could do; and,
  
  
• There’s no sign of damage to shareholders, given that Brocade’s stock has been unmoved by the whole thing (i.e., this is no Enron/Worldcom).

All this raises a series of questions. First, why would he (or anyone) do it if he does not benefit himself? The best explanation I have seen is Ben Horowitz’s lengthy post on the topic – to summarize, CEOs did it for the same reason that athletes take steroids – to win. Second, how did the government manage to convict him given the lack of evidence? According to Business Week, they did it by showing Mr. Reyes lied to Brocade’s corporate investigation team in 2004, suggesting he knew that what he had done was wrong (note to self: be careful what you say if an investigator comes knocking on the door). Third, what does this mean for others? Let’s just say, if I were the CEO or CFO of any of the other 200 companies implicated in this scandal, I would be pretty worried right now.

This verdict marks a big shift in the fallout from stock option back-dating. To date, the back-dating scandal has mainly distracted management and led to huge legal and accounting expenses. For example, Monster recently announced its plan to cut jobs in the wake of swelling legal expenses resulting from its investigation. But things are about to get more serious. If a jury is willing to convict Mr. Reyes based on evidence the judge thought was so weak that he almost dismissed the case, then no one is safe, Mr. Jobs.

Symantec’s “E-Discovery Connectors” For Enterprise Vault: What Are They and Why Should You Care?

Today, Symantec announced 3 connectors for Enterprise Vault, for analytics, review and content collection. According to the announcement, these will “provide tight integration with third-party case management, review, analytics, forensics and desktop collection tools.”

The idea that archives should integrate with third party products is one I whole-heartedly support and have written about before. My company, Clearwell, has been working with Nick, Scott, and the gang at Symantec on this for over a year. They tell us that we were the first to integrate with Enterprise Vault and, to our knowledge, we are the only ones who have deployed fully integrated e-discovery solutions with Enterprise Vault at several enterprises.

Having said all that (and climbing down from my soapbox), I think Symantec’s customers will need to read this announcement very carefully to understand what it means. To give them a helping hand, let me translate it from corporate-marketing-speak into plain English:

Symantec is releasing 3 connectors which enable customers to ingest files from EnCase and export files to Summation and Ringtail. It is also exposing a new application programming interface (API) so that third-party vendors can more easily build their own connectors to Enterprise Vault.

At this point, most people’s eyes glaze over and they ask “who cares”? Surely, only techies get excited about something as esoteric as a new API. But as the recent excitement over FaceBook’s API has shown, opening up a platform – even in a limited way, as Symantec is doing – can unlock tremendous value. For those customers with Discovery Accelerator v.7.5, the new API will have a huge impact for 2 reasons:

1. It makes integration with Enterprise Vault much easier, so lots more vendors will do it. In their press release, Symantec mentions a handful of companies who are building connectors to the new API and I’m sure more will follow. This increases customer choice, and makes it more likely that Symantec customers will be able to select related products that closely fit their needs;
   
   
2. It enables enterprises to have a smooth workflow across all aspects of e-discovery, from collection/preservation to analysis/review to production/presentation. For example, companies can now collect information in Enterprise Vault, preserve it by placing a litigation hold on key information via Discovery Accelerator, and then seamlessly hand off that information to a third party application (like Clearwell) for review and analysis. This saves a lot of time that would otherwise be wasted on importing/exporting data from different systems, and reduces the risk that something gets lost in the shuffle.

Net net: companies do well by giving customers what they want, and customers want end-to-end e-discovery solutions. Symantec is not the only one to have figured this out; stay tuned for more announcements like this from other archiving vendors.

Everyone (And Their Grandmother) Is Jumping Into E-Discovery

At some point in his blog last year, David Hornik, a venture capitalist, lamented the fact that VideoEgg, one of his investments, had 38 competitors in the online video market – and those were only the ones that he knew about.

A casual observer could be forgiven for seeing the same thing happening in e-discovery. Barely a day goes by without some company in a completely different market announcing that they too now have an “e-discovery solution”. Debra Logan at Gartner, who is fast emerging as one of the leading lights of the e-discovery world, tells me she is speaking to 30 vendors for her forthcoming research – and could easily have covered twice that number. Brian Babinau, the insightful and witty analyst at Enterprise Strategy Group, jokes that: “nowadays, people either build a social networking product or do e-discovery.”

For example, last week Zimbra, an open source email platform which has nothing to do with e-discovery, announced its new “e-discovery features”, which sound a lot like keyword search. Kazeon, which wins the prize for creating the world’s most complex e-discovery workflow diagram, has added e-discovery as one of its primary “solutions”, while Endeca takes a more measured approach, proposing only that its financial services customers use it for e-discovery. The list goes on and on.

Despite the worsening signal-to-noise ratio, all the activity will ultimately make it easier for customers to figure out which e-discovery solution makes sense for them. There’s more coverage from leading analysts, who can help explain the different products; large vendors such as EMC, Symantec, and HP are gradually educating the market; and the industry is coalescing around the Electronic Discovery Reference Model, which breaks e-discovery down into its key elements and explains how they fit together.

If e-discovery follows the path of online video and other fast-growing categories, lots of companies will continue to throw their hat into the ring. But for every hundred “VideoEggs”, there will only be one YouTube.