Alexandria Smith, Sales & Marketing Intern
Over the course of my internship at Sandline Global, I dove deep into the world of eDiscovery exploring how technology, law, and data privacy intersect. From tools like Everlaw and Relativity to regulatory frameworks like GDPR, I picked up the vocabulary and workflows that drive modern litigation support. Here are some key terms and concepts I’ve learned along the way:
Section 1: Foundations of eDiscovery
- eDiscovery:
- The process of identifying, collecting, reviewing, and producing electronically stored information (ESI) for use in legal cases. At Sandline, the eDiscovery process leverages platforms like Everlaw and Relativity to manage the full lifecycle of a matter—from forensic collection through to production. Along the way, they employ advanced strategies such as AI-driven review, data culling, and privilege tagging to ensure efficiency and defensibility.
- EDRM (Electronic Discovery Reference Model)
- The process of identifying, collecting, reviewing, and producing electronically stored information (ESI) for use in legal cases.
- The 4 Core EDRM Stages:
- 1. Identification
- 2. Collection
- 3. Review
- 4. Production
- The 4 Core EDRM Stages:
- The process of identifying, collecting, reviewing, and producing electronically stored information (ESI) for use in legal cases.
- Forensics:
- Forensics in eDiscovery refers to the technical process of identifying, collecting, and preserving electronic data from devices like laptops, phones, servers, and cloud accounts in a way that ensures its authenticity and legal admissibility. This is often the first step in eDiscovery.
- Forensic specialists might:
- Travel to collect data from a custodian’s laptop or phone
- Use tools like Cellebrite for mobile extractions
- Capture login data, messaging history, or cloud-based chats
- Investigate incidents (e.g., IP theft, workplace accidents)
- Testify about the integrity of collected data
- Forensic specialists might:
- Forensics in eDiscovery refers to the technical process of identifying, collecting, and preserving electronic data from devices like laptops, phones, servers, and cloud accounts in a way that ensures its authenticity and legal admissibility. This is often the first step in eDiscovery.
Section 2: Tools and Platforms
- Everlaw
- Everlaw is a cloud-based eDiscovery platform used by law firms, corporations, and litigation service providers to manage the entire review and production lifecycle—from document ingestion to final output.
- Everlaw has intuitive UI for tasks like assigning review batches, running keyword searches, building timelines, and visualizing data. It’s especially favored for flexibility, user-friendliness, and post-review features like Storybuilder.
- Relativity
- Relativity is a widely utilized eDiscovery platform primarily used for large-scale, high-volume matters—often hosted on-premises or via RelativityOne (cloud).
- Modern ETL
- Modern ETL is Sandline’s in-house data processing tool designed to handle modern communication data—like chats, texts, Teams messages, and Slack threads—in a way that’s structured, searchable, and review-ready. It fills gaps traditional platforms struggle with—like identifying relevant content across messy, fragmented communication threads.
Section 3: Review and Coding
- Responsive / Non-responsive / Privileged
- 1. Responsive:
- A document is responsive if it is relevant to the legal matter or request for production. This means it contains information that addresses the legal claims, defenses, or facts in the case.
- Example: An email discussing a contract dispute in a breach-of-contract lawsuit would be marked as responsive.
- A document is responsive if it is relevant to the legal matter or request for production. This means it contains information that addresses the legal claims, defenses, or facts in the case.
- 2. Non-Responsive:
- A document is non-responsive if it is not relevant to the legal issues in the case or outside the scope of the discovery request.
- Example: An internal company holiday party invitation in a wage-and-hour lawsuit would likely be non-responsive.
- A document is non-responsive if it is not relevant to the legal issues in the case or outside the scope of the discovery request.
- 3. Privileged:
- A document is privileged if it the content protected from disclosure under legal doctrines such as:
- Attorney-client privilege, which covers the conversations related to the legal matter between the client and attorney on the case. This doctrine can be broken by including others not protected by the same relationship. The document can either be fully redacted, partly redacted, or fully withheld.
- Work product privilege, covers documents written by the attorney on the case or others in preparation for litigation. Examples can include draft pleadings or strategic notes. these documents are usually fully withheld.
- A document is privileged if it the content protected from disclosure under legal doctrines such as:
- 1. Responsive:
Section 4: AI and Emerging Tech
- Open source LLMs (LLaMA, DeepSeek)
- Open-source LLMs are publicly available for large language models whose code and architecture can be freely used, modified, and deployed—either commercially or personally—without licensing restrictions.
- The source code for the software is free and openly available. Anyone can download it and run it anywhere.
- Open-source LLMs can help reduce the cost of AI-powered eDiscovery workflows while allowing you to maintain full control over security standards by deploying models locally.
- Closed source LLMs (OpenAI’s ChatGPT, Google Gemini, Anthropic Claude, Microsoft Copilot)
- Closed-source LLMs are proprietary large language models that can only be used on the companies servers. Their model architecture, training data, and parameters are not publicly available, and they are typically accessed through paid APIs or platforms.
- These models:
- Are hosted and operated by the company that built them (e.g., OpenAI, Google). Does not allow on-premise deployment.
- Often require payment via usage-based pricing (e.g., per token or per document)
- Provide limited control over data handling and privacy settings
- Discovery risk – prompts/responses may become discoverable in litigation (as in recent S.D.N.Y. rulings)
- This is why Sandline is testing ways to balance convenience and compliance—sometimes running LLMs in secure sandboxes or replacing closed tools with open-source ones.
- These models:
- Closed-source LLMs are proprietary large language models that can only be used on the companies servers. Their model architecture, training data, and parameters are not publicly available, and they are typically accessed through paid APIs or platforms.
Section 5: Compliance
- DSAR (Data Subject Access Request)
- A Data Subject Access Request (DSAR) is a formal request made by an individual to a company or organization, asking for access to the personal data that the organization holds about them—how it is collected, stored, used, or shared. Rooted in data privacy laws like the GDPR (EU/UK) and CCPA (California)
- Sandline leverages platforms like Everlaw to identify and isolate personally identifiable information (PII) and package the results for delivery to the data subject
- Regulatory compliance in eDiscovery
- Following data privacy laws that govern how organizations handle personal information—especially during litigation, investigations, or data requests. Currently, there is no single federal data privacy law in the United States. Instead, organizations must navigate a patchwork of state-level laws like the California Consumer Privacy Act (CCPA) and international regulations like the General Data Protection Regulation (GDPR) in the EU/UK.
- GDPR: Grants EU/UK residents rights over their personal data, including the right to access, delete, and restrict processing. Often triggered in international or cross-border matters.
- CCPA: Provides similar rights for California residents, including the right to know what data is collected, request its deletion, and opt out of its sale.
- As privacy laws expand, eDiscovery providers must balance legal obligations with technical workflows to avoid fines, protect reputations, and maintain defensibility and the federal government must protect the data security of its citizens.
- Following data privacy laws that govern how organizations handle personal information—especially during litigation, investigations, or data requests. Currently, there is no single federal data privacy law in the United States. Instead, organizations must navigate a patchwork of state-level laws like the California Consumer Privacy Act (CCPA) and international regulations like the General Data Protection Regulation (GDPR) in the EU/UK.
Conclusion:
eDiscovery sits at the intersection of law, technology, and data ethics—and this internship has shown me just how complex and fascinating that space is. From reviewing documents to understanding how AI models classify sensitive data, I’ve gained hands-on experience in workflows that power major litigation and compliance efforts around the world.
Whether you’re new to legal tech or deep in the field, I hope this glossary helps demystify some of the language and tools that are shaping the future of discovery.
