Published in Asian-mena Counsel: Cyber Crime & Data Protection Special Report 2019
The e-discovery landscape across Asia is diverse, but increased adoption was in evidence at the 10th annual Relativity Fest, write Tim Gilkison and Rahul Prakash.
E-discovery (or ‘e-disclosure’, as it is sometimes called), has gone from being a fairly niche concern to a vital and growing business, and a key aspect of any major organisation’s defence. Its tools are used by law firms, corporates and, increasingly, government agencies. Mostly driven by the forces of litigation in the US, and as an investigative-compliance tool everywhere, how e-discovery is applied is very much dependent on the jurisdiction. In the US, for example, companies have historically been compelled to hand over larger amounts of data and documents to be shared with parties involved in any dispute, whereas, in Europe or Canada, privacy concerns and respect of proportionality mean that only documents deemed to be highly relevant are usually demanded. And while the US system has become more privacy conscious over recent years, the need protect your organisation by being on top of your data is more important wherever you are. As Meribeth Banaschik, a partner at EY, put it: “There’s now a monetary reason to organise your data.”
Wendy King, senior managing director of technology with FTI Consulting told us: “We are starting to see that corporate counsel are recognising the need to know what’s happening with their data. They want to have more involvement in e-discovery and paper investigations. They have a big interest in controlling what goes out from their corporations from a data perspective, and the tools available to maintain data privacy, accelerate the review process and to keep costs down while doing so. In-house counsel are becoming more part of the e-discovery conversation than in the past.”
Ben Sexton, vice-president of e-discovery and analytics at JND, a US legal administration company, adds: “Plaintiffs’ ability to substantiate their claims often depends on how effective they are at locating a small slice of evidence amidst a trove of non-responsive documents. ‘Finding the truth’ is plaintiffs’ primary objective, and they are eager to leverage the most cutting-edge technology and workflows to do so. Like plaintiffs, in-house and defence counsel make decisions in the interest of their company or client, but their incentive package looks a bit different. A corporate or defence firm may be slow to change their approach simply because a new software advertises being better at finding “smoking guns” against their client, especially if it means spending more money. Corporates aren’t anti-change, but the more compelling forces to adopt new technology for corporates are often cost reduction or regulatory compliance.”
Relativity, the legal tech company headquartered in Chicago, produces one of the most widely used e-discovery platforms globally. With offices in London, Krakow, Hong Kong and Melbourne, as well as their home in the ‘Windy City’, in their words, they “make software to help users organise data, discover the truth, and act on it”.
Relativity Fest
According to Relativity, they now have more than 175,000 users with 185,000-plus active cases currently running in Relativity alone, and an incredible 127 billion files under management. Given the scale of the Relativity’s market penetration (including RelativityOne, the cloud-based version of the platform), it’s perhaps no surprise that its three-day user conference, the 10th iteration of which took place at the Hilton Hotel in Chicago in late October, is a big deal.
A mixture of training, with dozens of workshops each day, peer networking, development and socialising, we joined the more than 2,000 delegates, mostly Relativity users, attending the event, which opened with a gospel choir (this is Chicago after all) that gave the gathering the feeling of a revivalist meeting, after which the company’s key executives, greeted with similar fervour, took turns on stage to announce the latest updates, initiatives and new add-ons to the platform, and closed three days later with Relativity’s Innovation Awards, which notably, from an Asia-Pacific perspective, recognised the initiatives of a significant number of Australian law firms and developers.
With goateed techies and suited lawyers mingling together in the corridors of the hotel, along with the hosting Relativians (yes, they call themselves that) it was a strikingly diverse crowd, but it was also noticeable talking to attendees that there was a genuine (almost evangelical) passion for e-discovery development, and particularly for Relativity. Contributing to that may be the extent to which the platform is augmented by a wide variety of partner-developed add-ons, many of which were being demoed at the event, and which allow for a greater level of user engagement, and strengthen the base offering, from translation and navigation to integration and analytic tools, and mean that many are not just users but part of the platform’s evolution.
Security
Aside from the adaptability and array of add-ons, another key aspect of the platform cited by its users is its overall security.
Amanda Fennell is the chief security officer at Relativity, overseeing all aspects of compliance, product and cyber security at the company. Her Calder7 security team has quadrupled in size since its introduction in 2018 and is responsible for delivering Relativity’s fully integrated security program and industry-leading security posture, making her and her team key figures in the organisation.
“We take a holistic view of security which means we take all of our cyber expertise and intel and merge that into the product area with a compliance backbone,” she says. “An example is if a new exploit [a malicious attempt to gain unauthorised access, or to force a vulnerable program or operating system to perform unexpected actions] becomes more active in the threat landscape, we are able to use our intel to proactively recognise that trend and reprioritise the risk associated with needing to patch or deploy a defence in-depth perspective on the exploit.
“In regards to the security of our SaaS platform, RelativityOne, it is of paramount importance because the platform handles large amounts of potentially sensitive data. Advanced persistent threats (APT) attacks, like APT10 or APT31, are becoming more and more active in the cloud arena. With data this sensitive, being a strong link in the supply chain is paramount.
“Many organisations see the ‘people’ as their security weakness, but I like to see people as our biggest strength. It is often glossed over that the building blocks of a security program are technology, process, but most of all: people.”
An Asian discovery perspective
Baker McKenzie is one of the major law firms using Relativity for a large part of its e-discovery process. Based in Hong Kong, Benson Mak is the regional manager in the firm’s growing global e-discovery team in Asia (currently with two members in the SAR and two more in Australia).
“Where many other firms use vendors for their e-discovery, Baker McKenzie are one of the few firms in the region that manage everything in-house. I joined the firm three years ago as part of that process, and at the same time we started using the Relativity platform in-house in APAC.” So what’s driving the growth of e-discovery in Asia right now?
“One factor is the current uncertainty about trade relations between US and China, which has led several companies to consider moving their factories out of China into other countries in the region, such as Thailand and Vietnam,” says Mak. “This has the potential to lead to disputes with local partners and employees in the Chinese operations.”
In addition, Mak says, the effect of new privacy laws in other countries means that companies are increasingly turning to law firms to seek advice on how they should collect and review data in a more compliant way.
E-discovery and data forensics are increasingly being used as tools in Asia, according to Hideki Takeda, chief technology officer (among other directorial roles) with Fronteo in Japan. “But in the age of information explosion and a globally litigious environment, it’s not only difficult to find the right data, but also do it in an efficient manner,” he says. “The language barriers in Asia do not help in this.”
Discussing their own platform, Takeda adds: “Our KIBIT AI technology, which is capable of handling Asian languages (currently supporting Chinese, Japanese and Korean), helps in making the e-discovery process more efficient by reducing the amount of unnecessary data generated. We make use of KIBIT AI throughout the e-discovery process, not just document analysis, thus improving the speed and quality significantly.”
One trend is in data infiltration investigations, especially in relation to IP and patent issues in China and Silicon Valley, according to Brad Kolacinski, principal in the compliance, forensics and intelligence practice at Control Risks.
“Clients come to us when they become aware or suspect that staff, say engineers, newly hired from one of their competitors, have brought with them unwanted data from their previous employer, for example their IP or trade secrets, which could be a huge litigation risk for the hiring company,” he says. “Once it’s established that this data has been brought into the business, it’s incumbent on the hiring company to investigate, find the data, delete it from their databases and track where else in the organisation the data has spread to. Control Risks comes in as an independent third party to do the investigative analysis. A large amount of data is pushed to the Relativity environment which helps us to identify where the unwanted data is in the network.”
Jason Lo, the litigation practice group and e-discovery manager based in Davis Polk’s Hong Kong office, was another attendee at Relativity Fest. His e-discovery journey started with Epiq Systems, later working for a bank via a business process outsourcing company before joining the US law firm last year. Being the first e-discovery specialist in the firm’s Hong Kong office Lo works closely with his Davis Polk discovery colleagues in New York. One the reasons he sees for e-discovery growth in Asia is the increasing variety of data sources.
“For example, clients in India, China, Korea or Japan all use different platforms for messaging,” he says. “In China, WeChat is prevalent, whereas in Korea they might be using Line, and WhatsApp elsewhere, so collection of data is more complicated.”
Are the firm’s clients always aware of the e-discovery processes and purpose? “It really varies, for example the banks tend to be very aware and even have their own e-discovery teams in-house running their forensic collections, whereas in other industries we might have to assist and educate them much more in the process.”
And how does Lo think the e-discovery landscape will develop in Asia going forward? “It partly depends on the development of the regulations. In the US, the SEC and the DoJ have their guidelines on how we handle e-discovery production, whereas in Asia, many of the regulators don’t have such guidelines, so we have to deal with things on a case-by-case basis, discussing with the regulators and opposing parties any production protocols we may have ahead of time before we start.” Lo continues: “We see a lot of growth in e-discovery in Korea and China particularly, though in China, because of the very particular state secret and data privacy issues, we need to ensure documents are reviewed within the country and not moved elsewhere, unless we are certain those issues are not relevant.”
Stuart Hall has more than 20 years of e-discovery industry experience, including the last five at Relativity, where he currently works as Relativity’s manager for the Asia-Pacific region.
“The e-discovery landscape across Asia is diverse,” he says. “Singapore and Hong Kong implement e-discovery much in the way it is in the US or Australia, whereas in jurisdictions like Japan and South Korea, where they are not subject to the same discovery obligations, use of e-discovery is driven more by compliance regulations, anti-corruption efforts, personal data protection rules or by a company’s US-inbound activities.
“For Relativity, our client-base breaks down into four main groups: advisory and. channel partners, which includes the big four, and companies such as BDO, Control Risks, Grant Thornton etc, as well as the e-discovery vendors such as Epiq, KLD or Law in Order; and then our enterprise business focuses on both local and global law firms such as Clayton Utz, Kim & Chang or Herbert Smith Freehills and Baker McKenzie etc. We also have a number of governmental department clients, such as the Hong Kong SFC, and then we have the corporate clients, mostly those who operate in either highly litigious or heavily regulated areas, which obviously includes those in financial services.”
For the advisory partners, Hall’s role is to help them build out their services using the platform, providing certification training so they have qualified people using the technology and to help them “maximise their utilisation of the platform. We also have co-selling arrangements with a number of the partners.”
Hall says: “One of the macro trends we’re managing right now, particularly with the law firms, is a move to the cloud. We’re helping our customers move through that process as they have questions related to cost, and concerns about data regulatory implications, etc.
“Another emerging trend we’re seeing particularly throughout Asia,” continues Hall “is the importance of compliance. Where I’m based in Australia, the Financial Services Royal Commission really drove a huge amount of interest in compliance and I think it’s cascading throughout Asia. There’s a greater obligation for corporations to manage their information more effectively. Where discovery is a reactive issue that may not be so relevant for those in jurisdictions where there are no formal discovery requirements, there is still an obligation to track and manage data and so we’re seeing a growing number of corporations and law firms in the region show interest in our proactive compliance monitoring solution, Trace, which allows these organisations to better manage risk. Whether the processes being flagged relate to anti-money laundering, the Foreign Corrupt Practices Act or insider trading, Trace allows its users not just to monitor the transactions themselves, but the communications associated with those transactions, so if you’re on a Bloomberg or Reuters chat and talking about all these different trades you’re able to monitor all that and pull it together with some of the trade data, and combine that with other sources as well, to see if there’s, say, any insider trading going on. It’s about putting the organisation ahead of any problems, rather than just being reactive to them.”
It will be interesting to see how many Asia-based counsel are ahead of the curve by the time next year’s Relativity Fest takes place.
Click Here to read the full issue of Asian-mena Counsel: Cyber Crime & Data Protection Special Report 2019.