Cloud computing is an expected foundation of corporate enterprise information technology, but the legal sector is still debating whether all electronic discovery should be supported by cloud infrastructure.

Early business models that adopted the new cloud paradigm created an extraordinary first wave of value, and the first cloud application companies proved that it is fair and legal. Cloud-only e-discovery software providers have met with substantial acceptance in big law, and approximately half of the AMLAW 200 firms used cloud-based eDiscovery for at least some of their work in 2018. So why is fully transitioning e-discovery to the cloud still a debate?

If cloud technologies are appropriate for the execution of ordinary course of business, why would they be inappropriate for supporting legal requirements such as responding to document requests? If the source of electronically stored information is the cloud in the first place, why would it be inappropriate to use cloud resources to identify, collect, process, review or produce from or in that same environment?

The answer lies not in technology, but in policy. Legal policies lag commercial processes whenever any new technology emerges.

Key Points to Consider

If you are faced with the choice of whether to use cloud infrastructure in support of your legal processes, there are key questions you will want to address.

  1. Is the cloud a secure environment in which to process, host and review ESI?
  2. Does a cloud-based solution provide sufficient value to warrant revising your e-discovery policies?

The first question is a clear gatekeeper. To answer it, it is necessary to establish some definitions.

For starters, there is no one “cloud environment.” To understand security in the cloud requires understanding the commercial terms under which infrastructure and software are offered by cloud-based service providers.

Any cloud “environment” is the combination of actual technology infrastructure (networking, computing, storage), commercial commitments, and operating policies that any particular vendor has assembled as implemented by the service provider leveraging those resources.

Every cloud offering is its own environment, with leading cloud providers such as AWS, Google, IBM, Apple and others offering varying commercial terms and software/service providers leveraging them in various ways. Every instance has its own capacity, scalability, and security. The security question cannot be answered generically; rather, it must be addressed in the context of a specific service offering.

Many roadmaps are available to come to grips with an answer. For example, the U.S. Department of Commerce National Institute of Standards and Technology provides a framework for how to address cybersecurity. Assessing, monitoring and maintaining security of a cloud environment has become a service sector unto itself and there are many qualified providers of such services.

Any cloud application provider that claims to deliver a secure solution should have such security management services integrated in their operations. The security question is an essential question. Any provider delivering a robust e-discovery solution should be able to answer it equally well for cloud-based solutions as for non-cloud-based solutions.

The Question of Value

An answer to the second question—value—should be more accessible if you have already put the first question to rest. The value of any technology-enabled legal service can only be assessed after you have determined that it meets your security requirements.

Cloud-based e-discovery gives the user more control at every stage of any e-discovery project and has the potential to deliver extraordinary value, across a number of dimensions. Some of these include:

Fast project initiation. E-discovery projects often require fast responses. Response times are typically measured from when Electronically Stored Information (ESI) is delivered to a vendor to when processed ESI is available for review. That definition misses an extraordinary potential delay—project set up. Pre-establishing contractual terms and allowing end users to set up projects directly via a web browser interface reduces that delay (sometimes measured in days) to minutes.

ESI collection. The identification and collection of ESI also require administration and can consume substantial time, including time spent on internal IT task administration and time spent physically shipping media to vendors. Cloud-based ESI collection enables ESI to be loaded directly to the processing environment from any permissioned source, including local, network or Internet sources (such as Internet email or social media sites).

Scalability of processing capacity. Allocating server capacity to substantial e-discovery projects in traditional data center implementations requires IT and operations personnel to manage resource allocations. Cloud-based solutions can scale processing capacity to match project requirements automatically.

Scalability of storage capacity. Similarly, cloud-based e-discovery solutions enable storage to scale automatically to project requirements. When a small project explodes, resource allocation is seamless.

If the value is there, it is worth getting past the wonder of the cloud and start simply expecting e-discovery in the cloud. We have reached the point that, in fact, it is just there.

This column does not necessarily reflect the opinion of The Bureau of National Affairs, Inc. or its owners.

Author Information

Cliff Dutton is the chief innovation officer at Epiq. He drives business model innovation and leads the company’s product strategy, both for proprietary software and third-party software integrations.