By Phil Beckett, Partner, Proven Legal Technologies
In cases where an e-disclosure investigation is necessary, it is essential that the procedure is highly efficient and provides clear and concise results. However, we continue to see that firms are making crucial errors in the process, such as agreeing to search for ineffective words and phrases.
Here are the top 10 worst e-disclosure searches:
1. Words likely to appear in email footers
Terms that appear in standard email footers will do little to narrow down the search process. Examples include: “deletion”, “company”, “legal”, “confidential”, and any alternative forms of the words.
Searching an individual’s or custodian’s name is impractical as they often, if not always, appear in email signatures. In addition, there are numerous alternative spellings and abbreviations that would require separate searches.
3. System-related words
Using words that are common place within computer or system terminology often brings up a vast number of false-positive results, for example “network”, ”windows” or even “data”.
4. Standard terminology
Using standard terminology, be it relating to the specifics of a business (for example, products, or customers) or relating to business in general (invoices or sales), can create a large number of results. These results will generally need to be combined with other terms to be effective.
Fraudsters would rarely use this word within emails or other methods of communication, not least because they do not believe that they are doing anything wrong, hence searching for this term will be fruitless.
6. Misunderstood syntax
The same sentences can have numerous implications and meanings depending on its grammatical characters and structure. It is therefore essential to ensure that the search accounts for this possibility or eliminates any incorrect interpretations.
Many custodians use abbreviations or initialisation to reference names or as signatures. However, searching individual letters, particularly “A” and “I” will prove futile due to their high frequency.
8. Proximity searching
When a phrase is searched, frequent words such as ‘a’ and ‘of’ are treated as “noise” or “stop” words, meaning that a phrase containing noise words will not be searched as intended. A more appropriate method is to use the “X within two words of Y” operator, where for example, “bill of sale” would become bill w/2 sale.
9. Searches in which one expects obvious fraud
In most cases, perpetrators of suspected wrongdoing will be aware of the legitimacy of their actions and will endeavour to conceal them, thus searching material that blatantly betrays the fraudsters is unlikely to be successful. A recent example is being asked to search for the term “brown envelope” because the client had a vision that the perpetrator was handing over a brown envelope of cash under a table.
10. Key words
It is sometimes inappropriate to use key words at all. One example of this is when actions are being deliberately concealed. Another is when dealing with hard-copy material that has had Optical Character Recognition (OCR) to make it searchable. No matter how good the software is, it will be dependent on the quality of the paper, text and scan. Words can be incorrectly identified on a regular basis, which would not be responsive to a key word search.
Search processes within e-disclosure investigations should be cyclical and progressive, building on the findings of previous searches in order to narrow down results. Firms should also consider whether key word searches are suitable to the nature of the investigation, or whether alternative methods would be more suitable.
In order to establish an effective method and specific list of search terms for an investigation, businesses should seek expert advice and consultation. Specialist key word analytics tools and experience eliminates time-wasting as well as significantly increases the likelihood of producing crucial results and a conclusive investigation.