Define How Discovery Will Be Conducted

There’s a saying that you never get a second chance to make a first impression. From a discovery standpoint, you also only get one chance to get your case started off right, so failing to properly plan and consult an expert to help with that planning can put you behind to the point that you may never get a chance to catch up. And planning includes a thoughtfully drafted ESI Protocol to define how discovery will be conducted which can save considerable time and costs associated with your case.

Working Backwards From the Meet and Confer

You’re probably familiar with the Rule 26(f) Case Management Conference, also known as the “Meet and Confer”. It’s the best opportunity to get on the same page with opposing parties regarding how to conduct discovery. The meet and confer is expected to be conducted “at least 21 days before a scheduling conference is to be held or a scheduling order is due under Rule 16(b)”, which means it should be conducted as soon as 65-70 days after the case is filed.

So, a good plan is to develop a plan that works within that window to ensure that you go into that meet and confer fully prepared. That includes understanding your potentially responsive sources of data and where they’re located and any challenges that may exist with those sources of data. It also includes anticipating what potentially responsive data your opponent might have and whether you may need to subpoena third parties to support your case.

Components of an ESI Protocol

ESI protocols can vary widely, but most of them should include the following elements:

  • Definitions: Key terms that need to be defined to get all parties on the same page. Examples include: ESI, Producing Party, Requesting Party, Metadata, Native File, etc.

  • Custodian Identification: Not always included but becoming more common as many disputes involve inclusion/exclusion of custodians in discovery, so it’s a good idea to address expectations and how disputes over inclusion of custodians will be handled.

  • Preservation Obligations and Scope: This section defines what’s expected from the parties regarding preservation and what is not required to be preserved, which can include inaccessible data on legacy systems or media, system files, etc.

  • Collection: Scope and manner of collection, including involvement of eDiscovery or forensic providers.

  • Forms of Production: Includes all parameters (including image or native file production formats) to support production of unstructured ESI (e.g., email, Office files, etc.), structured data (e.g., information in a database) and hard copy files.

  • Metadata: Detailed list of metadata fields to be included with the production.

  • Handling of Redactions: Whether to convert to an image format (e.g., PDF or TIFF) before redaction, logging of redactions, etc.

  • Assertions of Privilege and Privilege Logs: What assertions of privilege are allowed, expected format and content of privilege logs, how challenges to privilege designations, use of a Rule 502(d) order to protect against waiver of privilege, etc.

  • Bates Numbering and Confidentiality Branding: Form and handling, including how to handle numbering for native file productions.

  • Deduplication: Scope of deduplication to include considerations like global deduplication vs. custodian-level deduplication, email thread deduplication, etc.

  • Parent-Child Relationships: How those are defined, including whether linked files from cloud-based office suite sources such as M365 or Google G-Suite are treated as attachments.

  • Exception Handling: How to handle and/or document files like password-protected files and corrupt files that cannot be processed.

  • Search Methodology/Use of TAR: How searching for documents will be conducted and whether Technology Assisted Review (TAR) will be conducted. The level of detail here can vary widely and can include the proposed search terms and whether the parties will agree to exchange search term reports or not. If search terms are going to be defined in the ESI protocol, it’s important that you test any terms that you might be responsible for before agreeing to them to ensure that they’re not overbroad.

  • Production Method(s) and Timing: Includes how productions will be delivered (e.g., via encrypted hard drive, SFTP transfer, etc.) and the handling of rolling productions.

  • eDiscovery Liaisons: Plans for identifying knowledgeable eDiscovery experts as liaisons to negotiate ESI issues going forward. It’s very important to have an expert to help with ESI issues in your case – including the preparation and negotiation of the ESI protocol itself.


You not only don’t get a second chance to make a good impression, you also don’t get a second chance to get your case off on the right track with a well-planned ESI protocol that covers all the bases to make the discovery process as smooth as possible. So, it’s important to work with an expert from the beginning to be prepared to walk into the meet and confer with clear expectations as to what that ESI protocol should include.

For more information about Forensic Discovery’s Computer Forensics services, click here.

Subscribe To Receive The Latest Resource Article

Get notifications when we add articles to our knowledge base.


Learn more about our Privacy Policy.