Thought Leader Interview with Michael Sarlo of HaystackID, Part Two: eDiscovery Trends and Best Practices

I recently interviewed Michael Sarlo, Partner and Senior Executive Vice President of eDiscovery of Digital Forensics for HaystackID, who is an expert in cross-border matters and EU data privacy concerns, as well as a certified and highly credentialed forensic examiner.  We covered so much with regard to eDiscovery trends that we couldn’t fit it all in a single blog post.  Part One of my interview was published Wednesday, here is part two.

You’ve already touched a little bit on discovery of non-traditional data sources.  What other observations do you have regarding them and what advice do you have for our readers regarding addressing those ESI sources?

With non-traditional data sources, we talk a lot about data collection, but the biggest issue may be presenting it in a form that could be used in a deposition or in a courtroom that represents what it looked like when originally displayed through your web browser. 95% of non-traditional data types are web-based, or at least web-based in nature. Where we’re really innovating now is the review of that data and new mechanisms to be able to identify potential responsive data earlier.  We’re working with a lot of these data types using cutting edge analytic workflows, more from a structured analytics standpoint, leveraging high level data analysis at the outset. Not only being able to find the important data more quickly, but also to massage these data types into different types of analytics platforms, so they can be reviewed in context and acted on normally. I think that’s the next gen phase of where we’re going in eDiscovery.


You also spoke a little bit about what you’re doing with corporations and corporations are facing more challenges than ever with regard to the pandemic.  And those certainly extend to discovery as well. HaystackID has a very established corporate consulting practice. What advice are you and HaystackID giving your corporate clients with regard to how to address those challenges?

The challenges are robust for our corporate clients and the current pandemic health issues are chief among them.  Those certainly include potential risks for liability with regard to congregation of employees, having to respond to shifting guidance from the Center for Disease Control (CDC) and/or state and local governments regarding ability to congregate and also the political elements of whether people should be congregating. These are definitely challenges for some of our larger corporate clients who have large workforces.  Asking people to come to the office to turn over their computer for an investigation was already a difficult discussion and even more so in the time of social distancing.

With all of these health risks to consider, we’re working with corporations to deploy contingency plans that heavily rely on technology, which includes consolidating the reach of data points around archive systems or agents and also putting policies in place that prevent the proliferation of data to sources that might be harder for us to collect in the event of an incident.

Mike, people generally think about eDiscovery is associated with litigation, but I see it more and more tied to other activities such as investigations, especially as they relate to FTC and DOJ investigations and Second Requests. What are your thoughts about that and what is HaystackID doing to address challenges in that area?


I would say about 90% of my practice is what I would call an enforcement and regulatory response. It’s much different than a typical litigation. As you move up in your “weight class” as an eDiscovery vendor, you start to see a lot more of these and it’s also based on your capabilities from a global scale, which we’ve really focused on expanding over the past five years. One recent challenge here is that regulators, because of the pandemic, gave lawyers and their clients the impression that they would offer leniency on timing agreements, then suddenly started to put the pressure on again to keep the investigation process moving swiftly, which has led to confusion. The regulators were getting bored sitting at home too, but are definitely back to work now.

Investigations often break the paradigm of traditional operational models. While your typical litigation can sometimes be chaotic, you still have a good sense of what’s required and what the milestones are and the timing for those milestones. Investigations are a lot more unpredictable in terms of what to expect and the timing for it all, especially in Foreign Corrupt Practices Act (FCPA) and anti-trust investigations. We start with an expectation of scope, but if you’re doing your job and you’re uncovering evidence in the investigation, that scope can dramatically scale and change. As a result, you need experienced and adaptable teams that are often your most seasoned people with experience managing across the enterprise to meet rapidly shifting deadlines.

From a Second Request standpoint, we’re seeing bigger and bigger Second Requests. I personally oversaw over ten Second Requests last year, which is about 15% of all of the Second Requests being conducted. And, we’re continuing to see even more this year. The sizes of the deals are much bigger. In this economic climate, a lot of companies have cash on the sidelines and they’re looking to take advantage of certain synergies, so we’re seeing larger deals come out as people look to clean up balance sheets. We’re also seeing the more of these alternative data types that we’ve been discussing that need to be reviewed and produced, so we have proprietary workflows that allow us to push those short message formats and alternative data types through our Technology Assisted Review (TAR) process for Second Requests.  As with litigations, it’s just as important to create an efficient TAR workflow for Second Requests. For matters that have as many as 50+ custodians on the Second Request side, managing that volume of data within a TAR workflow is critical to avoid spending as much as four times what we would spend on a purely human review.

HaystackID has done a lot of work there to streamline that process. In addition, just having a battle plan and a playbook that brings together all of our directors and our heads of certain departments and puts them into really active oversight roles on these matters helps ensure their success.  Because the risks are incredibly high, so we do everything we can to make sure they go as well as possible.

We’re not done yet!  The third and final part of my interview with Michael Sarlo will be published on Monday.

So, what do you think?  Please share any comments you might have or if you’d like to know more about a particular topic.Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Leave a Reply