
There has been a dawn raid with 100,000 documents to review. What is the process from here?


The dawn raid has led to the forensic collection of 100,000 documents, now safely secured on a hard drive. What is the process from here? It’s important to plan your strategy in advance to minimise downtime, extract relevant documents and get ready for production.

Data Culling

The first thing to do with your core data set is reduce it to a manageable volume. Several tools can be employed here, the first being de-duplication. De-duplication works by identifying identical documents, that is, documents bearing the same MD5 hash value. It is applied at a global level, across all custodians, to remove exact copies of standalone documents and also duplicate emails, which arise when multiple mailboxes are extracted and the same email between custodians appears in each of them. This can quickly reduce your document set by 10-20 percent on average.
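To make the hash-based approach concrete, here is a minimal sketch in Python. It assumes each document is available as raw bytes alongside an identifier; the function names and sample identifiers are hypothetical, and review platforms typically hash normalised email fields rather than raw bytes.

```python
import hashlib


def md5_of(content: bytes) -> str:
    """Return the MD5 hex digest used here as the document fingerprint."""
    return hashlib.md5(content).hexdigest()


def deduplicate(documents):
    """Keep the first document seen for each hash.

    documents is a list of (doc_id, content_bytes) pairs (an assumed layout).
    Returns the ids kept and a list of (duplicate_id, kept_id) pairs.
    """
    first_seen = {}   # hash -> id of the copy we keep
    duplicates = []   # (dropped id, id of the copy it duplicates)
    for doc_id, content in documents:
        digest = md5_of(content)
        if digest in first_seen:
            duplicates.append((doc_id, first_seen[digest]))
        else:
            first_seen[digest] = doc_id
    return list(first_seen.values()), duplicates


# Hypothetical sample: the same email collected from two mailboxes.
sample = [
    ("alice/inbox/001", b"Quarterly pricing update"),
    ("bob/inbox/417", b"Quarterly pricing update"),
    ("alice/docs/002", b"Board minutes, March"),
]
unique_ids, duplicates = deduplicate(sample)
print(unique_ids)
print(duplicates)
```

Recording which copy each duplicate maps to, rather than simply discarding it, keeps a trail showing which custodians held the document.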

Email threading is a similar tool that applies to emails. It takes long chains of back-and-forth emails and removes the “early” emails whose content is already contained in later replies, leaving just the final email in each chain for review (a potential reduction of 20-30 percent of an email set). It also recognises where emails split off from the main conversation and orders the documents so that the resulting chains are reviewed sequentially. This enables reviewers to ascertain the stories behind the emails more quickly and review more efficiently.
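The threading idea can be sketched as follows. This is a simplified illustration, not how any particular review platform works: it assumes every email records the id of the message it replies to and that each reply quotes the full earlier chain. The message ids are hypothetical.

```python
def thread_root(emails, message_id):
    """Walk up the reply chain to the first message of the conversation."""
    while emails.get(message_id) is not None:
        message_id = emails[message_id]
    return message_id


def final_emails(emails):
    """Return ids of emails that nobody replied to (the end of each chain).

    emails maps message_id -> id of the message it replies to, or None.
    """
    replied_to = {parent for parent in emails.values() if parent is not None}
    return [mid for mid in emails if mid not in replied_to]


# m2 replies to m1; m3 and m4 both reply to m2 (the conversation splits);
# m5 is an unrelated standalone email.
emails = {"m1": None, "m2": "m1", "m3": "m2", "m4": "m2", "m5": None}

# Sort by conversation so that branches of one thread are reviewed together.
review_order = sorted(
    final_emails(emails),
    key=lambda mid: (thread_root(emails, mid), mid),
)
print(review_order)
```

Here m1 and m2 drop out of the review set because their content is assumed to be carried in m3 and m4, and the two branches of the split conversation sit next to each other in the review order.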

Other tools support Early Case Assessment, such as foreign language identification, near-duplicate analysis and clustering.
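As an illustration of near-duplicate analysis, the sketch below compares documents by the overlap of their word sets (Jaccard similarity). The 0.7 threshold, the function names and the sample texts are assumptions made for the example; commercial tools use their own similarity measures.

```python
from itertools import combinations


def word_set(text):
    """Lower-case the text and split it into a set of words."""
    return set(text.lower().split())


def jaccard(a, b):
    """Share of words common to both sets, between 0.0 and 1.0."""
    union = a | b
    if not union:
        return 0.0
    return len(a & b) / len(union)


def near_duplicate_pairs(documents, threshold=0.7):
    """Return pairs of document ids whose similarity meets the threshold."""
    tokens = {doc_id: word_set(text) for doc_id, text in documents.items()}
    pairs = []
    for left, right in combinations(sorted(tokens), 2):
        if jaccard(tokens[left], tokens[right]) >= threshold:
            pairs.append((left, right))
    return pairs


# Hypothetical sample: A and B differ by a single word.
documents = {
    "A": "please find attached the draft supply agreement",
    "B": "please find attached the final supply agreement",
    "C": "car park closed on monday",
}
near_duplicates = near_duplicate_pairs(documents)
print(near_duplicates)
```

Grouping such pairs lets one reviewer see the draft and final versions of a document together rather than coding them independently.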

Know What You’re Looking For

The next stage is to take advantage of the forensically sound collection of your data and its preserved metadata by running some matter-specific identification of relevant material. This can involve restricting the data set to the date ranges pertaining to your matter, thereby further reducing the data set. In addition, keyword searches should be run across the set for numerous purposes, identifying:

  • Potentially relevant documents to be included in review;
  • Documents to be excluded such as irrelevant deals, projects etc;
  • Documents to be segregated for different review teams/levels, e.g. materials from a CFO which should be reviewed by a Partner or General Counsel rather than at First Pass review; and
  • Key custodians to be prioritised or removed.
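
The date-range and keyword steps above can be sketched as a simple triage function. Everything specific here is hypothetical: the field names, the search terms, the date range and the rule that CFO material goes to senior review are assumptions chosen to mirror the list above.

```python
from datetime import date

INCLUDE_TERMS = ["pricing", "rebate"]    # assumed relevance keywords
EXCLUDE_TERMS = ["project falcon"]       # assumed irrelevant project
SENIOR_CUSTODIANS = {"CFO"}              # material escalated past First Pass
RANGE_START, RANGE_END = date(2018, 1, 1), date(2019, 12, 31)


def has_term(text, terms):
    """Case-insensitive check for any of the terms in the text."""
    lowered = text.lower()
    return any(term in lowered for term in terms)


def triage(doc):
    """Assign a document to a review bucket."""
    if not RANGE_START <= doc["sent"] <= RANGE_END:
        return "out_of_range"
    if has_term(doc["text"], EXCLUDE_TERMS):
        return "excluded"
    if has_term(doc["text"], INCLUDE_TERMS):
        if doc["custodian"] in SENIOR_CUSTODIANS:
            return "senior_review"
        return "first_pass"
    return "not_responsive"


docs = [
    {"id": "D1", "custodian": "CFO", "sent": date(2019, 3, 4),
     "text": "Pricing agreement with distributor"},
    {"id": "D2", "custodian": "Sales", "sent": date(2019, 5, 20),
     "text": "Project Falcon catering order"},
    {"id": "D3", "custodian": "Sales", "sent": date(2017, 1, 9),
     "text": "Pricing discussion"},
    {"id": "D4", "custodian": "Sales", "sent": date(2019, 6, 1),
     "text": "Rebate and pricing schedule"},
]
buckets = {doc["id"]: triage(doc) for doc in docs}
print(buckets)
```

The date filter only works because the forensic collection preserved the original sent dates in the metadata.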

In addition, you should take this opportunity to consider whether your newly culled data set is large enough to benefit from Technology Assisted Review (TAR). TAR feeds review decisions into an algorithm to either prioritise or further reduce the documents for review, akin to letting Netflix suggest your next film or TV show to binge-watch based on the shows you have watched to date.
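
To show the principle behind TAR prioritisation, here is a deliberately simple sketch. It is a toy word-weighting scheme, not the machine-learning models that real TAR products use: words seen in documents coded relevant gain weight, words seen in documents coded irrelevant lose weight, and unreviewed documents are ranked by their total. All sample texts and names are hypothetical.

```python
from collections import Counter


def train_weights(reviewed):
    """Build word weights from (text, is_relevant) review decisions."""
    weights = Counter()
    for text, relevant in reviewed:
        for word in text.lower().split():
            weights[word] += 1 if relevant else -1
    return weights


def score(text, weights):
    """Sum the weights of the words in the text; unseen words count as 0."""
    return sum(weights[word] for word in text.lower().split())


# Decisions already made by human reviewers (hypothetical).
reviewed = [
    ("price fixing call with competitor", True),
    ("lunch menu for friday", False),
    ("competitor price list attached", True),
    ("friday team lunch booking", False),
]
unreviewed = {
    "U1": "agenda for competitor call on price",
    "U2": "friday lunch reminder",
    "U3": "office parking notice",
}

weights = train_weights(reviewed)
ranking = sorted(
    unreviewed,
    key=lambda doc_id: score(unreviewed[doc_id], weights),
    reverse=True,
)
print(ranking)
```

Documents at the top of the ranking are reviewed first. As more decisions are coded, the weights are retrained and the ranking updated.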

Managing Your Resources

The next question is who will undertake your review. Do you have a review team in-house or will you need to hire additional resources? Alternatively, you could engage a third party and leverage their teams of reviewers to undertake First Pass Review, effectively culling irrelevant documents and allowing your own reviewers to focus on key documents and preparation of legal strategy, making the most of their valuable time. You should also consider whether you require foreign language reviewers or translation services. In addition, depending on the matter, you will need to consider whether expert reports should be prepared and which experts to engage.

Keep an Eye on the Clock

A final step with your documents: make sure you know your deadlines! Your matter timeline will affect resourcing decisions, as well as when to engage experts and Counsel and when to prepare evidence.

It’s a lot to think about, but spending time properly planning your project will save you valuable time in the long run.




Established in 1999, Law In Order is the leading supplier of end to end document and digital solutions to the legal industry providing expert litigation and arbitration support through our cost-effective document production, expert discovery management and specialist eArbitration services.


By Robyn Kidd




3 Phillip Street, #17-01, Royal Group Building, Singapore 048693
T: (65) 6714 6655

Unit 901, 9/F, Beautiful Group Tower, 74-77 Connaught Road Central, Sheung Wan, Hong Kong
T: (852) 5803 0000
