Many attorneys and lit support personnel work with EDD consultancies all the time, but few know how long each of the processes these companies perform usually takes.  I've laid out a first-person view of a computer's journey from collection to load file creation below.  Keep in mind that there are an incredible number of variables that can affect these processes; below is just what happens if everything goes totally smoothly, everyone answers their phones, you find what you're looking for on the first pass, no computers are damaged, no software encounters unusual errors and no custodians are hostile.  Since we almost never encounter such a fabled "perfect case," take this timeline with a grain of salt, but keep in mind that at least a few of these processes are usually pulled off without a hitch.

Monday

7:15am - Washington, DC - Well, today's the day I get duped.  Ms. Attorney has earmarked me as a computer to be collected.  My owner dropped me off in the "collection room," the room that our office usually uses as an extra conference room.  The e-discovery/forensic guys are on their way from about an hour north.  They should be here shortly.  Travel time, by car: 1.5 hours

8:45am - They're here.  The EDD guys just showed up with a few bags of rolling luggage each, and they're talking with Ms. Attorney.  Speaking with Ms. Attorney, overview of what's going to happen today: 15 minutes.

9:00am - Now they're getting set up.  They're pulling wires, computers, and all sorts of electronic gadgets out of their bags and powering up their laptops and other equipment.  Set-up time: 10 minutes.

9:10am - Looks like I'm first to be duped.  The EDD guys are taking down my model number, serial number, BIOS time, hard drive information; basically, doing a whole bunch of documentation.  Documentation: 5-15 minutes/machine

9:15am - There's a lot of wires connected to me.  I think they're about to start creating a forensic image.  Forensic duplication: approx. 1 hour/60-80 GB hard drive (average size for a 1-3 year old laptop)

10:15am - Duplication's done.  Now there are two of me; one in my original laptop casing and the other in the possession of the EDD guys.  I'll be narrating from the copy in the EDD guys' possession from here on out.  They've got a few other computers duping simultaneously now.  The room is getting warm from all these wires, computers and moving bodies.  Duplicating the rest of the machines: 2.5 hours

12:45pm - We're all done here; they've imaged all the laptops they needed.  Time to get transported back to the lab up in Columbia, MD.  Travel time, by car: 1hr

1:50pm - Columbia, MD - We're back at the EDD office.  I'm in a lab computer, and they're going to make what's called a "working copy" of me.  This way, the EDD folks have an extra copy of me on which they can do all their processing, and the original evidence copy they made, which will be secured in a safe.  Creating working copy of this drive: 20-30 minutes

2:15pm - OK.  Working copy created.  My other copy, the evidence copy, was put in the safe.  Now it's time for me to be hashed and indexed.  Hashing is the process through which each file receives a unique "number," generated from its content to act as a check which ensures that the file never changes.  If the file does change, a newly generated hash will not match the old one.  Creating an index means that keyword searches performed on me will be nearly instantaneous, just like books that have indexes make words easier to find in their texts.  Hashing and indexing this drive: 8-10 hours (+2-5 additional hours to retrieve deleted data)

Tuesday

1:00am - Wow, it's late.  Nobody's here.  Guess I'll have to wait until morning for anything new to happen.

8:15am - The lights are on.  They're going to do a few keyword searches that Ms. Attorney emailed out to them late last night.  Keyword adding and searching (with index): 5-10 minutes/image

9:00am - Found a number of files. They're talking with Ms. Attorney about what they found.  I believe Ms. Attorney wants some load files created from the responsive files.  She's giving the specs to one of the EDD guys now.  Speaking with Ms. Attorney about results, advising, getting load file specs: 20 minutes

9:20am - They've got the specs.  Now it's time to export the responsive files and set up the load file generating software to create the load file Ms. Attorney requested.  Exporting 2 GB of responsive files from the images and setting up load file software: 1 hour

10:20am - They're going to start generating the load file.  At this point, the 2 GB of responsive data will quadruple in size from the TIFF and OCR process to 8 GB total.  Load file creation: 2 hours (approximately 1 GB/hr)

12:20pm - They're making sure everything went smoothly with the load file creation.  Troubleshooting items that failed to properly OCR, de-blank, get stamped, TIFF, etc: a little over an hour

1:30pm - They're sending the data to the data hosting company used by Ms. Attorney.  The data will be up in a day or two, depending on the speed of the data hosting company, and then the review process will begin.  Time until data will be available for review online: 1-2 business days, depending on the company.

There you go!  If anyone can shed some light on the time attorneys take for some of their EDD processes, we'd love to hear it!  Shoot us an email at This e-mail address is being protected from spambots. You need JavaScript enabled to view it with what you've got (whether it be a link to a blog or article you wrote or just your two cents), and we'll give you a shout on our twitter.