Sandline in Action: Leveraging Custom Solutions into Cost-Savings


An AMLaw 100 firm engaged Sandline to provide forensic collection, cloud collection, eDiscovery processing and hosting, document review and project management services. 


The discovery scope included most of the common modern electronic stored information (ESI) sources including Microsoft 365 (Exchange, Teams, OneDrive, SharePoint), website preservation, mobile device, and related applications.  

The scope of discovery also included several applications that fall into the category of “emerging data sources.” Emerging data sources refer to new types of data that are being generated due to advancements in technology and changes in the way we interact with the world. Overall, there are many challenges when dealing with emerging data sources, including: managing high volume, velocity and variety of data, as well as ensuring data privacy and security.  

Sandline was prepared to collect and convert the exports into an easy-to-read near native presentation along with a full metadata load file for use in review platforms like Relativity and Everlaw. Sandline has extensive experience working with unfamiliar data exports from diverse systems, including legacy and specialized (self-developed; homegrown) applications, and converting the export file format from CSV, JSON, XML, EDI, or Cellebrite UFDR to a better format for analysis, review, and production. 

In the case of this FTC investigation, the Discovery Team quickly realized that these cloud applications did not have native support for a data export that would be sufficient to comply with its discovery obligations. The Discovery Team then looked to the legal and compliance market for tools that might be used to collect data from these sources.  After consulting with several companies that provide a commercially licensable cloud application collection tool, the Discovery Team concluded that it would not be possible to use an off-the-shelf solution for collection. 

Each of the client applications at issue had its own API. An API is a set of protocols, tools, and definitions that enable different software applications to communicate and interact with each other. The Sandline operations, product, and development teams reviewed the requirements, the API References, and Data Models. After reviewing the requirements, Sandline determined it would be able to custom develop a connector and application that would enable defensible collection of the data sources. 

In a short time, Sandline wrote a secure, fully logged, application that accessed the data and attachments through the API.  The exported data (JSON files) and attachments were secured and preserved.  The application created a PDF document for each activity transcript in an easy-to-read format (think: chat conversation), complete with emoji, meme, along with downloading attachments, maintaining the linkage and relationship.  Along with the PDF, Sandline created a standard DAT load file which included the typical metadata such as sent date, sender, along with additional requested metadata, and specific metadata that could be used for creating relationships between the application transactions as well as across different platforms and channels (think: being able to look at the phone calls, SMS, email, and Teams chat in one timeline). 

Counsel was then able to perform the analysis and review across activity and conversations and other transactions from diverse channels in a single place, in a seamless workflow. Sandline saved the end-client hundreds of thousands of dollars in legal spend by creating a custom solution for easily reviewing, analyzing and producing modern data.