Outsourcing Law & Business Journal™ – December 2012

December 21, 2012 by

OUTSOURCING LAW & BUSINESS JOURNAL™ : Strategies and rules for adding value and improving legal and regulation compliance through business process management techniques in strategic alliances, joint ventures, shared services and cost-effective, durable and flexible sourcing of services. www.outsourcing-law.com. Visit our blog at http://blog.outsourcing-law.com.

Insights by Bierce & Kenerson, P.C. Editorwww.biercekenerson.com.

Vol. 12,  No. 8, December,  2012

Special Webinar Announcement:   Please join us for a series of complimentary webinars entitled:  “Strategic Issues for International Technology Businesses”  to discuss selected issues, structures and opportunities for international investments and joint ventures in U.S. and foreign technology-based businesses via three webinars:
Tuesday January 29, 2013, 12 noon-1:45 pm ET
“Exploiting U.S. Tech Businesses Abroad:  Europe, India, China”
Tuesday February 26, 2013, 12 noon-1:45 pm ET
“Exploiting Foreign-Based Tech Businesses in the U.S.”
Tuesday March 19, 2013, 12 noon-1:45 pm ET

“Personal Wealth & Tax Planning for International Tech Entrepreneurs”

Participants:
EisnerAmper LLP
Bierce & Kenerson, P.C.  (Full disclosure, we are the editors of this newsletter)
The Margolis Law Firm,
Edica-Garnett Partners,
Porto Leone Consulting, LLC,
Frenkel & Company

For more information, please click here to contact Alyssa Todtman at EisnerAmper LLP
_________________________________________

1.  Knowledge Management in Strategic Alliances and Outsourcing
2.  Non-Practicing Entity Buys Kodak’s Digital Business Patent Portfolio, Licenses to Consortium
3.  Humor.
4.  Conferences.

________________________________________

1.  Knowledge Management in Strategic Alliances and Outsourcing.  Knowledge management has become a key driver in the design and sustainability of competitive global enterprises today.  In knowledge management (“KM”), organizations define the purpose and meaning of information for the corporate mission, create, store and share information and establish tools and rules for internal and external use (and repurposing) in commerce.  KM presents structural and contractual challenges for enterprise customers and their outsourcing service providers.  Knowledge management is applied in outsourcing, supply chain management (“SCM”) and business process management (“BPM”).  Other applications include business continuity planning (“BCP”), disaster recovery (“DR”), audit and control for corporate governances and regulatory reporting. For more, click here.

2.  Non-Practicing Entity Buys Kodak’s Digital Business Patent Portfolio, Licenses to Consortium.  In mid-December 2012, Eastman Kodak Co., a bankrupt photographic supply company, agreed to sell its patent portfolio to a consortium of buyers.  The portfolio includes patents for digital photography, Web-based photo applications and other technologies critical to Internet-based e-business, social media and mobile computing.  The deal (which is subject to bankruptcy court approval) represents a new approach to patent litigation, patent portfolio procurement and patent licensing from bankrupt companies in the United States.  To read more, click here.

3.  Humor.

Knowledge Management, n.  Occult meta-world giving divine meaning to an ever-expanding universe of data.

4.  Conferences.

February 18-20, 2013, IAOP’s Outsourcing World Summit, Phoenix, Arizona.  This annual conference brings the global community of outsourcing professionals together for an unparalleled knowledge sharing, networking and personal and business development experience.

Outsourcing is entering a new age as different opportunities—and demands—are made by companies in pursuit of improved outcomes, lower costs and higher standards in a critically competitive economic environment. Trends like rural and impact sourcing, corporate social responsibility, crowd sourcing, the cloud, technology convergence, the BRIC surge, collaborative and strategic models, and governance have all impacted the way companies do business and the level of understanding and knowledge outsourcing professionals must have to be successful. And it is clear that it takes skilled professionals – now more than ever – to harness these opportunities and meet these demands.  For more information, please visit their website.

March 4-7, 2013.  SSON and IQPC present its 17th Annual North American Shared Services & Outsourcing Week, Orlando, Florida.  If you’re looking for what’s new in service delivery capability, and for the next steps to achieve a maximum level of value, join us at North America’s premier forum for shared services and outsourcing professionals, where you will learn how to design and execute a holistic GBS framework that encompasses shared services, outsourcing, internal business functions and Cloud computing resource;  achieve global end-to-end processes across business functions, systems and geographies; learn what service levels are important to achieving your business goals; how to understand real business value from big data; understand and over-deliver what your internal and external customers want and gain insight on where you can benefit from disruptive technologies, such as Cloud, mobility and social.  To get more information, click here.

April 30-May 1, 2013.  American Conference Institute presents its 7th Annual Forum on Controlling Litigation Costs, Chicago, Illinois.  ACI’s renowned forum returns, with a brand new faculty and novel case studies and strategies designed to help you (1) get more value from the firms you use in litigation matters OR (2) keep existing corporate clients and ensure you are at the top of the “go to” list when matters arise.   This conference is for in-house counsel or legal sourcing manager and private practice litigation attorney or law firm marketing/business development specialist.  For more information, please click here.

**********************************

FEEDBACK: Since 2001, Outsourcing Law & Business Journal™ has been addressing legal issues in operational excellence in business services through effective sourcing practices and service integration for global and globalizing enterprises.  Covered operations include business services in IT, HR, finance and accounting, procurement, logistics, manufacturing and customer relationship management. Send us your suggestions for article topics, or report a broken link at wbierce@biercekenerson.com. The information provided herein does not necessarily constitute the opinion of Bierce & Kenerson, P.C. or any author or its clients. This newsletter is not legal advice and does not create an attorney-client relationship. Reproductions must include our copyright notice. For reprint permission, please contact: wbierce@biercekenerson.com. Edited by Bierce & Kenerson, P.C. Copyright (c) 2012, Outsourcing Law Global, LLC. All rights reserved. Editor-in-Chief: William Bierce of Bierce & Kenerson, P.C., located at 420 Lexington Avenue, Suite 2920, New York, NY 10170, 212-840-0080.

Knowledge Management in Strategic Alliances and Outsourcing

December 21, 2012 by

Knowledge management has become a key driver in the design and sustainability of competitive global enterprises today.  In knowledge management (“KM”), organizations define the purpose and meaning of information for the corporate mission, create, store and share information and establish tools and rules for internal and external use (and repurposing) in commerce.  KM presents structural and contractual challenges for enterprise customers and their outsourcing service providers.

Uses of KM.   Knowledge management is a basic tool for business process management (“BPM”).  KM may include training tools (webinars, questionnaires, checklists, algorithms).   KM can enable effective post-merger integration to two organizations by providing transparency into each other’s operations.  KM can also be used to capture the implicit, contextual knowledge of a retiring generation of experienced workers.  KM is applied in outsourcing, supply chain management (“SCM”) and business process management (“BPM”).  Other applications include business continuity planning (“BCP”), disaster recovery (“DR”), audit and control for corporate governances and regulatory reporting.

What is Knowledge Management?    Knowledge management (“KM”) represents the institutionalization of business knowledge derived from personal experience, and the continuous process improvement “on the shoulders of giants” by process designers.  KM applies scenario analysis to predict the suitability for applying a pre-determined process.   It is not ad hoc, but responds ad hoc to situational triggers.  Components to any KM process or system include:

  • Scenario Triggers: precursor avenues leading to and funneling a work flow;
  • Inputs: the collection of relevant data needed to provide either the context for a work flow (such as criteria for initiating the work flow) or the actual processing of inputs;
  • Business Rules: the business rules (and regulatory requirements), or algorithm, processing inputs and delivering outputs as the intended results of the required operation;
  • Data Processing: the process of applying the business rules to the inputs after the scenario is triggered and delivering the outputs;
  • Records Management: the process of storing information in searchable formats, which may include a thesaurus, searchable links, and clusters of key topics and multiple documents (“records”).

Technologies Used in KM.  Virtually any digital technology can be used for KM.  This includes databases, repositories, intranets (open wikis or closed), extranets, decision support systems, project management tools, time billing and accounting software, web conferencing and online and offline storage systems.   With increasing mobility of computing devices and the use of social networks that can be used to diffuse information, and global cyber threats, KM poses cybersecurity risks to the enterprise.

Legal Issues in KM.    Several fields of law govern KM at different phases of creation, sharing, storage, use and reuse.  These legal fields cover issues in employment, intellectual property rights, trade secrets, corporate fiduciary duty, contractual restraints on competitive activities and related antitrust or competition law, privacy law, contractual rights on warranties and indemnification, and mergers and acquisitions.   In international business, the laws of multiple countries or multiple legal systems can apply, creating conflicts of law that require careful analysis and design for implementing a KM system or KM-based relationships.  Finally, governmental regulations can mandate the form of a KM system.

Employment Law.  Employees and contractors are sources of knowledge, as they take their experience and adapt it to specific problems for resolution.  Human resources departments must ensure that employees do not share knowledge that is subject to a non-disclosure agreement with a former employer or a customer.

Intellectual Property and Trade Secrets.   In the field of business services, a service provider uses work flows that could infringe the patent of a competitor.  Or it might use a trade secret for a purpose not permitted under a non-disclosure agreement.  Or it might present the work product in a form that is confusingly similar to the work product of a competitor under the Lanham Act or principles of “trade dress.”  KM tools and rules should include information about the sources and permitted uses of “knowledge” to avoid infringement litigation and to expand the scope of the organization’s proprietary (and thus competitive) operations.  In strategic alliances (such as teaming agreements and joint ventures) and outsourcing, both parties need to protect their own “KM” so that neither the outsourcer nor the enterprise customer can enjoy unfair competitive advantage after the end of the alliance or outsourcing contract.

Governmental Regulation.  KM has become a prime mandate of governments.  The Enron bankruptcy spawned the Sarbanes-Oxley Act of 2002, forcing public companies to maintain “audit and control” procedures beyond the general “best practices” previously adopted under generally accepted accounting principles (“GAAP”).  Under GAAP, Statement of Auditing Standards (“SAS”) No. 70 established procedures for auditors to verify that companies actually followed the procedures and work flows that they claimed to follow.  SAS 70 has since morphed into another auditing principle (SSAE 16), with a reduced standard of care and risk of liability for the auditors.   The Securities and Exchange Commission requires public companies to identify their vulnerabilities including risks of business continuity and processes for disaster recovery.  The Dodd-Frank Consumer Financial Protection law requires covered banks and financial services companies to adopt hundreds of specific processes, under over 300 regulations, to protect against risks of structural damage to the economy.

Getting Value from KM.   Managers can build enterprise value through KM tools and policies that promote increased efficiency, competitive positioning, transparency and accountability.  For efficiency, a “capability maturity” model may be limited in focus by addressing only constant improvements through analysis of “lessons learned” and proactive process redesign.   For competitive positioning, innovative, entrepreneurial managers can cast aside “inefficient” or complicated business models for new models based on new technologies.

Contract Clauses.  Virtually every business exchange involves the sale of some knowledge.  It can be embedded in a product, or it can be expressed as a means for using a product or consuming services.   Every contract for services (including “managed services” / outsourcing) needs effective analysis, planning and implementation of rules governing knowledge management.

Thinking Ahead.   KM principles are essential for any business.  KM contract clauses help ensure that the business will survive, thrive and adapt.

E-Discovery and Legal Process Outsourcing: ESIM Process Design and Choices between Outsourcing vs. Insourcing

December 21, 2009 by

State and federal rules of civil procedure and emerging common law of the discovery process impose significant costs on businesses that are engaged in litigation. Pre-trial “discovery” serves to narrow the issues in dispute by forcing the disclosure of records, including electronically stored information (“ESI”) for judicial economy, to narrow the scope of disputed issues for adjudication (such as through motions for partial summary judgment, admissions and prior inconsistent statements), and to speed the actual trial process. E-discovery has become a daily challenge for the General Counsel, the CIO, the COO and the Risk Management Department.  They face a choice of policies, procedures and technologies for insourcing (such as by using forensic software and employed staff) or outsourcing for electronic records discovery management.  This article explores some of the differences between insourcing and outsourcing in terms of ESI records management,  legal requirements for protection and production of electronic records, project management in forensic record examination, litigation readiness, knowledge management, risk management, ethics and legal compliance.

I. E-DISCOVERY AS A SUB-PROCESS OF RECORDS MANAGEMENT.

Record and Information Management (“RIM”) Policies and ESI Management (“ESIM”). The demands of e-discovery highlight the challenges of developing and managing effective governance policies and procedures for information of all kinds, including ESI, and the challenge of adopting and updating an ESI management (“ESIM”) plan for “business as usual.”  The International Standards Organization has developed a records management standard (ISO 15489-1, at www.iso.org). ARMA International (www.arma.org) has identified eight standards for records and information management (“RIM”), namely, accountability, integrity, protection, policy compliance, retrievability/ availability, retention, disposition and transparency.

Memory-storage devices have proliferated, challenging the company’s records custodian. In addition to computers, there are cell phones, cameras (stand-alone or in cell phones), scanners, facsimile machines, USB “key” drives, backup hard drives and other storage devices. All pose a challenge for a fully compliant response to an e-discovery request.

Legal Requirements for Protection and Production of E-Records. Federal and state rules of civil procedure have evolved to include electronic records. See F.R.Civ. P. 26(b), 34 and 45 (subpoenas) and F. R. Evid. 901(a) (authenticity). State procedural rules have been adopted to implement the Uniform Rules Relating to Discovery of Electronically Stored Information issued by the National Conference of Commissioners on Uniform State Laws. [Copy available at http://www.law.upenn.edu/bll/archives/ulc/udoera/2007_final.htm]. Basic common law, statutory and civil procedure rules in e-discovery start with similar requirements:

  • Protection: preservation of ESI through a “litigation hold” to prevent inadvertent loss when a third party demand has been made, or it has become reasonably foreseeable that such a demand will be made, and ensuring that the in-house attorney’s instruction is actually implemented (for example, avoiding the inadvertent over-writing of storage and backup tapes).
  • Accountability: identifying the scope and “proportionality” of the e-discovery requirements in relation to the overall scope of the dispute.
  • Cost allocation: allocating costs that are reasonable to the producing party and costs that are unreasonable to the requesting party.
  • Cost management: using search terms and other cost-effective automated search technologies to get the reasonable or “agreed” coverage for the initial triage, fulfilling the approach that information technology can solve the problem of searching massive records databases using search technologies. See, e.g., Zubulake v. UBS Warburg, LLC, 2004 WL 1620866 (SDNY July 20, 2004, Judge Scheindlin) and other rulings in the same case, at 217 F.R.D. 309 (SDNY 2003), 216 FRD 280 (SDNY 2003) and 2003 WS 22410619 (SDNY Oct. 22, 2003).
  • Integrity (authenticity and identification of the e-record): identifying appropriate methods and procedures for ESI production, including the appropriate level and nature of legal supervision of forensic inspections, to ensure authentication under F.R.Evid. 901(b) by using circumstantial information such as the file access permissions, file ownership, dates when the file was created and when it was modified, other metadata and hash values for the record when copied to a forensic computer for analysis.
  • Accessibility: under the rules of evidence: identifying and managing risks of loss of evidentiary privileges by the mere use of electronic e-discovery tools and procedures.
  • Accountability for Non-Compliance: identifying the sanctions for culpable conduct, mainly, “spoliation” (intentional or negligent destruction of evidence) or negligent collection done by the record custodian rather than by an automated process, such as:
  • judicial issuance of an instruction to the jury that the jury may validly draw a “negative inference” (or “adverse inference”) from the fact that the offending party could not produce the normally available documents in support of its legal arguments, resulting in a conclusion that, if the “lost” or “destroyed” records had been introduced into evidence, they would have supported a negative conclusion as to disputed factual matters; and
  • judicial sanctions including an order to pay the reasonable expenses, including attorney’s fees, caused by the violation of discovery rules, where, for example, the adverse party incurred expenses to overcome the inability to access the “lost” or “destroyed” (spoliated) records.
  • Project Management in Forensic Record Examination. Within a holistic approach to ESIM, e-discovery tools and techniques can be identified along the continuum of “cradle-to-grave” (or more appropriately, “cradle to judge and jury”) progress.   As a sub-process of electronic records management, an e-discovery process model can be used to identify the particular role or function of third-party software, in-house resources and an outsourcer’s resources.  By looking holistically at the end-to-end chain of processes leading to satisfactory e-discovery compliance, under such a paradigm, the end-result, production and presentation of ESI, can be managed by effectively adopting either a total control at the “information management” level (when records are initially created and stored).   The following is our own view of electronic discovery records management (“EDRM”) as a subset of an enterprise-wide holistic ESIM resource management paradigm for governance, risk management and compliance in e-discovery:

    2010-01-03-Holistic GRC E-discovery v3

    Litigation-Readiness: Converting “Business as Usual” IT into Information Management Operations for E-discovery. Information technology plays a strategic role in the enterprise’s ability to comply with e-discovery mandates. The enterprise’s legal department should team up with the IT department, the records management department and the line-of-business management to participate in the design – or re-design – of the enterprise’s information management operations and records management. E-discovery compliance features are now available through software that can troll the enterprise’s entire ESI, search for information according to a myriad of legal and business terms, technical parameters. In conjunction with the CIO and the records management department, the legal department can:

    • Gap Analysis: Conduct a “gap analysis” to identify which features are missing from those that are recommended or required under the applicable rules of civil procedure and common law, particularly those policies and procedures that involve data collection, classification, accessibility, storage, retention and destruction.
    • Strategic Access Plan: Develop a strategic access plan for the full life-cycle of “business as usual” and custody and control, including audit, of the company’s information and litigation-relevant information.
    • Process Design using an ESIM Paradigm: Apply the e-discovery records management sub-process of the enterprise’s holistic ESIM model to identify and segregate functions that will be performed by in-house or captive resources and those for outside legal counsel and outsourcing service providers.
    • Cross-Border Considerations: Integrate multinational and cross-border legal mandates into the design of the information technology and information management systems, at an early stage in the e-discovery process, to avoid breaches of foreign data protection and privacy laws when complying with U.S. judicial rules of procedure.
    • Integration of Internal and External Resources: Develop policies and procedures for use of outside litigation support services providers and an array of personnel and technology resources both domestically and internationally to fulfill e-discovery compliance mandates, without adversely impacting the ongoing business operations.

    Litigation-readiness must be added to the selection criteria for new IT initiatives such as “cloud computing” (here, the “software as a service” model, not the “variable IT computing-power as a service” model), internal and external social networks, Twitter and internal and external collaboration platforms such as wikis, e-rooms and Google Wave.

    Knowledge-Management Readiness: Managing and Protecting Corporate Knowledge. “Knowledge management” refers to policies, procedures and technology that enable an enterprise to capture, organize, identify, re-use and protect the confidentiality of its trade secrets. Knowledge management (“KM”) procedures must also enable the enterprise to distinguish among sources of confidential information that may be trade secrets, copyrights or patents of third parties (including “freeware” and “open source” software) as well. Accordingly, CIO’s must adopt KM planning strategies that, in conjunction with legal and compliance departments, also serve regulatory and legal requirements. The IT infrastructure needs to identify all such trade secrets during the e-discovery process so that, if disclosable, they are subject to non-disclosure and non-use under appropriate protective orders.

    II. RISK MANAGEMENT

    Risk of Spoliation by Employees and Contractors. According to one e-discovery service provider, a large majority of all corporate litigation is employment-related. If employees have access to change ESI, disgruntled or negligent employees pose a major risk of spoliation. Employees can unknowingly or intentionally destroy ESI evidence. Such actions can range from concealment (through downloading pirated software that deletes files on the employee’s web surfing history) to sabotage (actually deleting documents).

    As a result, the legal department and the CIO need to develop IT-enabled solutions to prevent such acts. This article does not address this particular issue, but it highlights the need for appropriate design of the overall information management architecture as a preventive measure.

    Risk Management. From the risk-management perspective, a proper defensive strategy will require an alliance between the company’s Legal Department, its Risk Management department and its IT department.

    • IT Role. The IT department needs to work with the Legal Department to ensure a proper chain of custody and proofs of authenticity.
    • Insurance. The Risk Management Department needs to help design and review the e-discovery process. Sanctions for spoliation have implications for coverages for directors and officers, employment practices, errors and omissions and general liability. The records manager needs to understand how the company’s Records Management (destruction) Policy meets e-discovery requirements.
    • Legal Department. The in-house Legal Department must not only manage the e-discovery process. It must design and manage effective records management policies, educate all employees about the e-discovery process and its role in management of risks, knowledge and records.

    III. BUSINESS MODELS: INSOURCING, CAPTIVES AND OUTSOURCING

    Business Models for Insourcing. Before comparing outsourcing and insourcing, it is helpful to consider the different business models in which an internal e-discovery operation can be financed. These models can be summarized:

    • Infrastructure Investment in a Complete e-discovery Toolkit. At the “high end,” the enterprise can make a capital investment in the essential tools of a fully “in-sourced” e-discovery operation. Such an investment will have significant payback for enterprises having a high volume of litigation with predictable volumes of e-discovery demands. Such enterprises will need to invest in all the people, process and technology necessary for the operation. If the operation is highly automated, it can be effectively managed onshore. If it requires substantial human review, part of the operation may be handled in offshore locations with remote access, security controls and other measures to prevent loss of confidentiality, competitive advantage and effectiveness. This leads to consider a captive e-discovery service delivery center. In this case, outsourcing can be a viable solution for that portion of the e-discovery process that requires supervised human review and analysis.
    • Pay-Per-Use Pricing. Where litigation is more volatile in terms of volume and timing, a “pay-per-use” pricing for insourced use of third-party technologies can prove cost-effective. This pricing model provides some benefits to enterprises that have very few litigations, but a large volume of ESI for assembly, analysis, protection and disclosure.
    • Consumption-Based Pricing. Consumption-based pricing reflects the volume of ESI being sorted and analyzed. This pricing model provides benefits for enterprises that want to allocate litigation costs to individual lines of business or affiliated companies, as a charge-back accounting principle that effectively rewards litigation-free business managers for staying away from the judicial system.

    Relative Advantages of Insourcing.

    • Industries Affected by Persistent Litigation. Several software tools exist that allow in-house counsel and the CIO to conduct the full forensic discovery using staff employees. Internalization of the discovery process makes economic sense where the company is constantly involved in litigation. Such companies typically include insurance companies, banks, consumer products manufacturers, and can include food service chains and franchisees. Other companies that are subject to class action claims for torts or securities law violations can fall into this category as well, impacting virtually any publicly traded company that has a volatile stock price.
    • Control of Records Management; Cost Management. Software and IT services companies argue that insourcing can significantly reduce the costs of e-discovery. They argue that, by taking control of the forensic search, collection, analysis and processing of a company’s electronic records, companies have more flexibility and control over the manner in which these critical discovery processes are conducted. This control can translate into cost savings by enabling a closer supervision on-site by the internal lawyers.Cost savings must be compared to comparable external services.Cost savings that might arise from an easier ability to make small changes in the search criteria, for example, may result in a loss of the hard-wired “e-discovery plan” that serves as the basis of justifying to the court that the discovery disclosures comply with civil procedure to locate and disclose all relevant records.
    • Protection of Trade Secrets and Intellectual Property. Insourcing, or using captives, can provide a significant level of additional protection for knowledge management, trade secrets and intellectual capital. Such protection comes at the cost of maintaining internally controlled resources. Outsourcers will claim that their security levels are higher than those in many global enterprises. Outsourcers offer personal non-disclosure covenants by individual employees. But there is always a risk, whether through insourcing or outsourcing, that the personnel having access to trade secrets, for example, might abuse their positions of trust through tipping a securities investor, selling the ideas to a competitor of the enterprise or other tortious conduct. Even a non-disclosure agreement does not constitute a valid non-competition covenant, and even non-competition covenants are unenforceable as a matter of public policy unless strictly limited in time, territory and scope, and (in California and some other jurisdictions) they may require additional payments of consideration. In short, neither insourcing nor outsourcing appears to have a clear advantage in this field, except that e-discovery managers who are employed by the enterprise might offer an advantage by having ongoing knowledge of what is (and is not) a trade secret for faster, better, “cheaper” claims to a protective order.
    • Effectiveness of Coordination and Collection of ESI. The use of skilled internal people who know the company’s operations may be able to provide better collection and coordination of ESI. However, “professional” e-discovery service providers may have the advantage in skills at the beginning as the company’s internal personnel become familiar with the processes and technology of e-discovery. Hence, insourcing might follow outsourcing until the processes can be internalized.
    • Reduction of Risks of Noncompliance with e-discovery Rules. Well-trained, well-supported internal personnel might be able to reduce risks of non-compliance in the typical e-discovery process.

    Relative Advantages of Outsourcing e-discovery. Outsourcing of e-discovery processes may be costly, but it may be the best solution for several reasons. This requires an analysis of the relative merits. This “gating analysis” should include appropriate considerations of staffing, quality, ethical risks and speed.

    • Staffing. One of the key benefits of outsourcing, and one of the key parameters in selecting the right outsourcing service provider, is the service provider’s staff. The best outsourcers have developed a methodology for human capital management in the specialized field of e-discovery and related disciplines. The outsourcer designs a service delivery platform, recruits, trains and tests its staff in generic functions (including project management, information technology and security) and then offers this staff for custom-training on the litigating company’s particular process and e-discovery requirements.Using a business company to provide litigation support can run afoul of ethics and disciplinary rules applicable to the litigating company’s (or its law firm’s) lawyers. Law society rule in England will be changed if and when a pending draft law is modified to permit competent non-lawyers to perform tasks that might be considered the practice of law. Under applicable ethics opinions of the American Bar Association and various city and state bar associations, the in-house lawyer or outside law firm cannot escape certain core ethical duties:
    • to supervise the work of the outside service provider;
    • to avoid assisting in the unauthorized practice of law (“UPL”)
    • to ensure the protection of client confidences;
    • to avoid waiving any rule permitting a claim of legal privilege (and to rectify innocent or mistaken disclosures, see e.g., Fed. R. Evid. 502);
    • to avoid conflicts of interest;
    • to protect against data loss, theft or other act or omission that might constitute sanctionable spoliation;
    • to comply with the rules of court relating to e-discovery and management of ESI at all stages.
      Vendor selection involves finding the right fit for the particular litigating company’s legal, regulatory, compliance, privacy, legal ethics and security requirements.
    • Service Level Metrics and Quality Considerations. Few internal employees want to live by performance metrics. Outsourcers live by “guaranteeing” service metrics and other quality parameters.

    Offshoring Issues. In considering an offshore captive or an offshore LPO outsourcing, the company’s lawyers must evaluate special cross-border legal issues.

    • Export Controls. By transferring any U.S. data abroad, the company may require a license from one or more branches of the U.S. government. While commercial information may be subject to a general export license that does not require any notification, filing or administration, some information (such as software or design information that may have dual civilian and military uses) may require a specific license. Similar issues arise where the company’s ESI includes trade secrets, pending patent applications and other information that is subject to a required export license.
    • Data Protection. Data protection rules under HIPAA and other legislation may apply to the data being processed. Foreign LPO service providers must ensure compliance.
    • Privacy. Privacy rights arise from many legal sources and different jurisdictions. Depending on the source of any personally identifiable information (“PII”), any transfer of company records to a foreign LPO service provider may violate applicable rules. This issue suggests a proactive approach in the design and implementation of the company’s overall information management systems.
    • Third-Party Consent. The information in a company’s database may include information that is licensed under restrictive disclosure conditions or where a third-party’s consent is required by an applicable law. Third-party consent may be required.
    • Client Consent. The information in a company’s data base may also require the client’s consent
    • Political Risk. Foreign service providers come with a suite of political risks that could impair service quality, timeliness of service, confidentiality and other custody and control issues for the ESI and the foreign nationals accessing such ESI.

    IV. PROJECT MANAGEMENT

    Most effective e-discovery procedures will require effective integration of internal and external resources. The design, planning, implementation, performance, intermediate re-balancing and supervision of all resources remain, of course, in the hands of the company, and, in particular, in-house attorneys. The Legal Department (which is ultimately responsible) may wish to consult with “outsourcing lawyers” not merely with litigation counsel on achieving a flexible, cost-effective, efficient design, vendor selection and supervision, review of compliance with ethics rules and project management.

    Evaluation Process. Companies evaluating an LPO solution for e-discovery (or any other LPO) should therefore carefully explore all relevant implications, design the program for compliance and quality of service, address special issues involving any cross-border data flows and other commercial, judicial rules, legal and ethical requirements.

    Project Management Roles. Each LPO project requires thoughtful and careful attention to ensuring that all responsibilities of the different parties are aligned with their roles. Within the outsourcing model, there is room for designing and allocating roles and responsibilities to give in-house attorneys control of the process so that they can manage the ethical responsibilities. The introduction of the LPO service provider raises new questions whether the cost-controlling measures will impair (or improve) the quality of the outcome. External lawyers could also manage the service providers.

    V. BUSINESS MODELS

    • Business Models. Currently, most LPO e-discovery services are conducted under business models of insourcing (including contract attorneys), captives and outsourcing.
    • New Models. Over time, companies and their legal counsel will become more familiar with the tools, alternatives and strategies for effective LPO, including identifying and assessing risks and evaluating a risk-benefit matrix.  With greater maturity in capabilities, new business models for identifying and managing e-discovery processes, tools and personnel may evolve.   The impact of cloud computing, platform-as-a-service, software-as-a-service, virtualization of both servers and client computing and mobile computing will challenge enterprises and their technology and legal service providers to integrate a holistic and global ESIM process to incorporate the EDRM subset as “business as usual.”