Collecting and reviewing the correct documents is integral to a successful investigation. Reviewing too few documents could result in missing key evidence that undermines the investigation and its conclusions. Conversely, a “boil the ocean” approach to document review can dramatically inflate investigation costs.
The first decision point concerns the appropriate sources for collection. The correct strategy will depend on the nature of the allegations and the general conduct of the company’s business, but the following sources should be considered:
- emails (e.g., Outlook files, including calendars);
- company shared or network drives;
- cloud-based storage locations;
- laptop or desktop hard drives;
- messaging programs (e.g., Slack, GChat, WeChat);
- mobile devices (e.g., mobile phones and tablets);
- accounting records; and
- hard copy files.
Initial “scoping” interviews may be necessary in order to identify relevant data sources and storage practices. Investigators should carefully track the origin of all collected documents.
One important principle to apply during this phase is to “preserve broadly, review more narrowly.” The volume of documents collected will always be greater—typically far greater—than the volume of documents reviewed. Ordinarily, the following tools will be applied to narrow the review universe to potentially relevant documents:
- application of search terms;
- deduplication of identical documents;
- date range restrictions;
- clustering or threading of conversations;
- prioritizing review of certain custodians; and
- predictive coding.
Document reviews can be conducted by law firm attorneys, special project attorneys, other third parties, or in-house resources. Companies should consider the experience, supervision, and accountability of the review team, the importance of protecting privilege, the scale of the review, the technical or language requirements of the review, and potential legal exposure faced because of the allegations when weighing the costs of various review options.