If you are at ARMA 2013 this year in Las Vegas, I’m looking forward to seeing you. I have a lot going on, including the panel below, moderated by incoming ARMA President Julie Colgan. See you there!
We have worked with the eDJ Group in the past to survey the market about Information Governance attitudes and practices, and I am pleased be working together on a new survey. This time we have an additional partner – ARMA International – which is excellent.
Our new survey asks some of the same questions we asked previously so that we can track year-over-year changes, but we are also digging into some new areas like big data and predictive coding. Please take a moment to complete the survey. We will be releasing the results publicly, and this kind of data is good for all of us as we try to move the information governance ball down the field (unlike the NY Giants this year – what the heck?).
Check out the results of our previous surveys to get a flavor of the kind of insight that we expect to get from the survey.
“We need to take automation to another level, leaving human or manual efforts behind, to increase productivity and lower cost for clients in all areas of the information governance spectrum.”
Jason R. Baron, Of Counsel, Information Governance & eDiscovery Group, Drinker Biddle & Reath LLP
Jason R. Baron, Director of Litigation for NARA and a widely recognized and highly respected authority on e-discovery and electronic records, has left NARA to join the information governance and e-discovery practice of Drinker Biddle & Reath. He is joining an already stacked deck at a group that already includes Bennett B. Borden and Jay Brudz as chairs.
I have known Jason for many years, and not only is he a class act, he is one of the few people who can truly be credited with driving and changing our thinking about e-discovery and information governance. Jason has a long list of accomplishments, but most significant for me is the tireless academic and evangelism work he has done to drive understanding of advanced search, predictive coding, and other techniques that help to automate information governance. Automation is the future of information governance, and it is a future that only exists because of people like Jason.
I had the pleasure to interview Jason about his big career change (he was at NARA for 13 years), and loved to see how excited he is about the future of information governance.
Highlights of our discussion include:
- Jason was NARA’s first Director of Litigation, which speaks both to the changes to the information landscape in the past decade and to Jason’s expertise.
- Jason played a key role in developing a directive that requires all federal agencies to move to all digital form for permanent electronic records by the end of the decade.
- NARA will soon be managing upwards of a billion White House email messages – forever.
- Jason believes that predictive coding and other advanced search and document review methods will drive significant automation of information governance in the coming years.
My Interview with Jason R. Baron
Why now? Why are you leaving your role at NARA to go into private practice?
Well, I can tell you it has nothing to do with being placed on furlough! For the past 13 years, I have considered my time at NARA to be in a dream job for any lawyer. As NARA’s first appointed Director of Litigation, I have had the opportunity to work with high-ranking officials and lawyers throughout government, including in the White House Counsel’s Office, on landmark cases involving electronic recordkeeping and e-discovery issues.
I also have been particularly privileged to work with Archivist David Ferriero and others in crafting a number of high-visibility initiatives in the records and information governance space, including the Archivist’s Managing Government Records Directive (August 2012), which includes an “end of the decade” mandate to federal agencies requiring that all permanent electronic records created after 2019 are preserved in electronic or digital form. With this background and experience, I think I can now be of even greater help in facilitating adoption of industry best practices that meet the Archivist’s various mandates. I also wanted to work on cutting edge e-discovery and information governance matters in a wider context.
What was it that attracted you to Drinker Biddle & Reath? Did you consider other firms or other career paths?
The biggest attraction was knowing that I share the same vision with Bennett B. Borden and Jay Brudz, Co-chairs of Drinker Biddle’s Information Governance and eDiscovery Group. Collectively, we see e-discovery challenges as only part of a more systemic “governance” problem. Big Data is only getting bigger, and I believe our group at Drinker Biddle is on the leading edge of law firms in recognizing the challenge and offering innovative solutions to clients. Of course, there are any number of other firms in e-discovery and other “hot” areas, and I have friends and colleagues at a number of firms and corporations who I have had discussions with. I’d like to think that my closest peers in this area will act as strategic partners with me in any number of educational forums, and I look forward to that prospect.
What will your role at Drinker Biddle be? What will you focus on?
As Of Counsel to the Information Governance and eDiscovery Group, I expect to be most heavily involved in helping to build out three areas of practice. First, providing legal services to those private sector actors that are involved in large IT-related engagements with the federal sector, and wish to optimize information governance requirements. Second, consulting on records and information governance initiatives in the private sector, especially employing cutting-edge automated technologies (predictive coding, auto categorization, and the like). Third and finally, I hope to take on special master assignments in the area of e-discovery, as the need arises, and would consider it a great honor to do so.
What do you think about the future of NARA and its role as the federal government transitions to the digital world?
As I said earlier, NARA is leading the way in issuing policies that will result in electronic capture of all e-mail records by the end of 2016, as well as ensuring that all electronic records appraised as “permanent” are preserved in future federal digital archives. NARA has shown leadership in issuing an important joint directive with OMB in 2012, which followed on the heels of President Obama’s Memorandum on Managing Government Records dated November 2011.
If NARA doesn’t lead in the area of setting information governance policies for federal applications, including in the cloud, it risks becoming an irrelevant player in the digital age. The present Archivist of the US and other senior leaders inside NARA are committed to doing everything they can to avoid that fate.
What are the key initiatives that you are working on right now?
My plate is full: Along with a few others, I have been involved in finishing up an update of The Sedona Conference’s 2007 Search Commentary and 2009 Commentary on Achieving Quality in E-Discovery. Over the next few weeks I will be criss-crossing the United States to participate in some excellent forums, including in October the upcoming EDI Summit in Santa Monica, where I am moderating a panel on “Beyond IS0 9001,” all about standards in the e-discovery and information governance space; and being invited to speak at the inaugural IT-Lex Conference in Orlando, where along with Ralph Losey and Maura Grossman I will be speaking on the future of predictive coding.
You will also find me at ARMA 2013 in Las Vegas, at Georgetown’s Advanced E-Discovery Institute, and of course at LegalTech next February, all wonderful venues to get a message out about cutting edge issues in these areas.
What do you think is the most interesting thing happening in the IG space today?
I am most excited about bringing the “good news” of predictive coding and other advanced search and document review methods to a wider records and information governance audience, and intend to speak at any number of upcoming forums on how to do so. We need to take automation to another level, leaving human or manual efforts behind, to increase productivity and lower cost for clients in all areas of the information governance spectrum.
Do you think that organizations will ever achieve the promise of IG? What will it take to get there?
Woody Allen says there are two types of people in the world: those who believe the glass is half full, and those who say it is half poison.
I am optimistic about us doing better in the space – if lawyers can think outside of the box in adopting best practices from other disciplines, including artificial intelligence and information retrieval. A reality check is in order, however, given that predictions about the “future” of anything tend to be overly optimistic (where are the cars that glide over highways, or the cities on the moon, both of which were predicted in the 1964 World’s Fair to already to have happened?).
And the first mention of “yottabytes” by an op-ed columnist in the New York Times occurred in the last couple of weeks. Ask I mentioned earlier, the world of big data is only getting bigger and more complex. I think lawyers in this area can give solid guidance to help clients do better in this “real” world, and certainly hope to do so with the great team already in place at Drinker Biddle.
What was the biggest structural or philosophical change that you observed at NARA during your career there?
I recall going to what was billed as an “e-mail summit” meeting a half decade ago, in which the really great people assembled could not believe that most end users failed to print out email for placement in traditional hard copy files. Archivists and records managers by their very nature are just too good at doing so! However, NARA has come a long way since then, in pushing capture and filter policies for email (the so-called recent “Capstone” initiative), as well as the digital mandate by 2019 I mentioned earlier. These really do represent policy shifts that hold out the potential for leading many agencies to adopt new ways of doing business.
What do you think that private organizations can learn from NARA’s experiences in trying to manage and control the information explosion?
NARA certainly has unique challenges. For example, it needs preserve and provide access on a permanent basis to what I have estimated will soon be upwards of a billion White House emails. What the private sector can learn from NARA’s (and the White House’s experience) in this area is that in an era where massive and ever-increasing data flow through corporate networks, there need to be technological solutions put into place to be able to filter out low-value data, to guard privacy interests, and to provide greater access through advanced means of search and categorization.
NARA knows that it needs to confront all of these issues, and is now engaging in outreach to the private sector in an effort to find solutions in the public space (BB note: I recently attended one of these meetings, and will be writing about it soon.) Corporations of all sizes also need to confront information governance issues before a black swan event occurs that materially affects the bottom line.
What was the most interesting challenge or case you faced at NARA?
I have written and spoken at length about dealing with U.S. v. Phillips Morris (the RICO tobacco case), and so won’t repeat what I have said about my experience searching through 20 million White House emails, and starting on my quest in search of better search methods. My time at NARA just has been one fascinating experience after another, and not just involving electronic records of course, so it’s hard to choose.
At one point I found myself in the back room of Christie’s auction house in Manhattan with a senior archivist, poring over a massive Excel spreadsheet that listed 5000 documents taken from Franklin Roosevelt’s White House by his trusted secretary Grace Tully. We had to decide which documents should have ended up at the Roosevelt Library in Hyde Park. An auction of paintings worth millions was about to take place and all around us people where shouting, “Where are the Picasso’s?” and “What about the Matisse’s?” It was definitely surreal.
And yes, after drafting a Complaint and working with the US Attorney’s Office in the Southern District, we ended up settling the dispute over the Grace Tully collection (where the owners were represented by, among others, former Rep. Elizabeth Holtzman working at a mid-Manhattan law firm), with timely assistance from passage of a special bill in Congress allowing for a favorable valuation of the collection. From one week to the next, I never knew what new disputes involving the history of the 19th and 20th century I would be involved with.
I will be providing the keynote address on a half-day seminar hosted by Sita Corp, SAP, and HP at New York Athletic Club, on October 15, 2013 from 8:30-10:30 am.
I am going to be talking about the challenges of Information Governance in a Big Data world.
Register now at: http://ow.ly/po2mm
I have been doing some research into data remediation and I came across this interesting model that I think fits pretty well. But it is not from the information governance or even the IT world. The first person to tell me in the comments precisely where this model originates will get a copy of my latest book.
On June 6, 2013, the US National Archives and Records Administration published a call for comments on its draft Bulletin regarding a proposed “Capstone” approach to email retention at federal agencies. NARA was having technical problems with its comment system when I tried to submit my comments, so based on their instructions I have submitted my comments to them directly by email, and I am also posting them here.
You can find the request for comment and the draft Bulletin on NARA’s website.
Feedback on NARA’s Capstone Email Records Management Bulletin
As requested, I am providing comments on the “Capstone” approach to email management outlined in the June 6, 2013 draft NARA Bulletin provided above. Thank-you for the opportunity to provide input on this important issue.
I am the founder and principal of an information governance consulting firm based in New York. Since 2001 I have advised many organizations and government agencies on the development and implementation of email retention strategies.
Based on my experience and research, I believe that most organizations currently fall into one of two email records management camps.
The first camp does very little. While they may impose mailbox size limitations, they provide sparse guidance to employees who are forced to delete messages to meet these quotas. Consequently, business records are likely lost – especially if no storage space is allocated for retention of records that simply happen to reside in the email system. Others allow – or turn a blind eye to – the practice of employees exporting email messages out of the corporate email system so they can be tucked away in shared drives, thumb drives, or taken home for “safekeeping.” This practice results in an effective loss of management control over records found in the email system, and can greatly increase collection costs and increase spoliation risk in e-discovery.
The second camp “manages” email, but treats all email messages equally, regardless of their content. Some – seeking to minimize the cost and potential risk of email – automatically purge all email older than 30, 60, or 90 days. In the absence of a method to capture email messages containing record content, records are surely lost – violating laws that require retention of specified records, regardless of their form. Others – perhaps inspired by SEC Rules 17a-3 and 17a-4 and the email archiving software industry that those Rules singlehandedly created – capture a copy of all messages sent and received and keep them in a separate archive for a fixed period of time. This approach ignores the reality that such an archive will undoubtedly contain both trivial content and critical business records. From a compliance perspective, this may be just fine if you are a broker-dealer subject to these unique, email-specific Rules, but is less fine if you are, like most of the business world, subject to retention rules that do not exempt or treat email in special way, but rather require identification and retention of business records regardless of the form they take.
There are of course other approaches to email retention, one of which is outlined in your draft Bulletin. As I understand it, Capstone is a role-based method that uses the role of the email creator/recipient as a predictor of the content of that user’s account. In the past I have advocated such an approach to clients as a pragmatic method for improving otherwise nascent email records management practices.
NARA should certainly be commended for embracing such pragmatism, and in recognizing that complex user classification systems are often impractical and lightly adopted.
However, I would like to share two additional ideas that may be helpful as NARA finalizes its guidance.
First, while a knowledge worker’s role can certainly be a predictor of an email message’s content, our research has shown us the limits of this approach. We have assessed role-based approaches at client organizations by analyzing actual email accounts sampled from a range of user roles. We have then estimated the percentage of email content that would require retention under the client’s own retention rules. Across a range of users we have found as little as 5% and as much as 95% record content. There is certainly some correlation between the percentage of record content and the role of the user, but it is not always categorical. For example, some users are mostly information processors, and thus may have an extremely high percentage of email records in their inboxes.
Consider for example, a claims processor who receives a partially completed claims form attached to an email message, opens that form and completes it using information they possess, and than sends the completed form to an employee who represents the next link in the processing chain. This scenario is very common, even in large organizations. Assuming that these completed claim forms are records, and that they are not otherwise captured in a content management system, this user’s email account is quite important from a records management perspective.
However, a Capstone system based solely on seniority (i.e., “officials at or near the top of an agency,” as described in the Bulletin) may miss this important account and result in such records disappearing as “temporary” records. Conversely, senior officials may have a relatively low percentage of record content in their email system when they use other systems to communicate their decisions, document those decisions formally, or otherwise use other official or formal systems to complete their work. Capture and permanent retention of their entire account then, would result in retention of largely trivial content.
These issues can in part be addressed by careful examination of the way email is used by each agency and its users, as mentioned in the Bulletin.
Second, I wonder if NARA is turning away from a content-based approach to record identification and retention too soon – in fact, act just at the time in history when technology to enable semi-automated, content-based approaches is becoming widely available. Our clients are currently evaluating and implementing technology from OpenText and Recommind (there are other providers in the market as well) that marries human and machine intelligence to remove the classification burden from the user. Such systems are by no means trivial to implement and configure, but I believe that they point the way forward for email records management. The effectiveness of automated statistical methods for content classification has been demonstrated effectively in the intensely observed world of US civil litigation; a demonstration that I believe provides a foundation for it application to the records management problem.
Further, while the Capstone method would seem – as noted in your Memo – to foster compliance with the “OMB/NARA M-12-18 Managing Government Records Directive” requirement to “manage both permanent and temporary email records in an accessible electronic format,” I wonder to what extent it addresses the spirit of Section A3 of the Directive to “investigate and stimulate applied research in automated technology to reduce the burden of records management responsibilities?”
Once again, thank-you for the opportunity to provide feedback on this important Bulletin, and I am confident that NARA will continue to provide leadership as federal agencies continue this critical transition.
Last week I was lucky enough to spend a day working with my friend Jay Brudz (a partner at Drinker Biddle who also runs their e-discovery sub with IG guru Bennett Borden). Whenever we had a spare moment our conversation would drift back to our favorite topic: is Information Governance about risk or value?
The correct answer, of course, is both. But not always, and not at the same time.
First of all, on a macroeconomic level, the pendulum is always swinging between fear and greed/risk and value. Sometimes organizations circle the wagons, trim the fat, and break out a litany of clichés to cloak the fact that they are running scared. At other times, organizations light fat cigars, buy fancy umbrella holders, and spend money like the value of an American house will never decline.
So, there are macroeconomic factors that determine, generally, what motivates corporate spending and where management attention is focused.
This tension between risk and value is also driven by corporate culture. Some companies are simply more conservative than others – even those of similar size in the same vertical – and as such are more concerned about understanding and managing risk. Some companies build this conservatism into their marketing – especially in the financial services industry, where risk management and compliance typically has its own department (although the power of that office varies widely).
CEOs sometimes have a mandate to change existing cultures – including attitudes towards risk – as Paul O’Neill did at Alcoa by announcing, “I intend to make Alcoa the safest company in America,” at his first investor meeting as new CEO (as detailed by Charles Duhigg in “The Power of Habit.”) Sometimes, of course, new CEOs mistake coupon-clipping clothing buyers for Apple fanboys and flame out spectacularly.
Industry vertical and market focus, however, are probably the biggest determinants. Predictably, large, regulated companies who are frequently litigated generally spend more time and money on understanding and managing risk.
But fear only gets you so far, even in the most risk-aware organization. Fear alone will not drive employees to change their information habits. It won’t stop them from hoarding information in “their” shared drive (or shared drive in the cloud) or their email account. It will not stop them from classifying all their documents in the multi-million dollar document management system as “Misc-Other.” It will not stop them from using the cloud service recommended to them by their neighbor to share customer documents with a service provider. Fear will not change information governance behavior in a sustainable way.
So what will?
In Duhigg’s telling it wasn’t fear of safety failures that ultimately changed and sustained the safety culture at Alcoa, but rather the subsequent growth and the success of the company under O’Neill’s reign that corresponded with his focus on safety.
“I knew I had to transform Alcoa . . . but you can’t order people to change. That’s not how the brain works. So I decided I was going to start by focusing on one thing. If I could start disrupting the habits around one thing, it would spread throughout the entire company.” Paul O’Neill, as quoted by Charles Duhigg.
Driving sustainable change is about changing habits, but it is also about appealing to employee self-interest. Providing the employee with tools that help them do their job better, faster, smarter so that they can succeed and be rewarded. But also ensuring that these solutions take care of the company’s business and legal needs – ideally in the background.
I addressed this question recently in the short video below.