publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/192213
CRACKING SOURCE CODE PRODUCTION: XXXX BASICS AND BEST PRACTICES exactly what is being asked for and prevent wasting valuable resources BEST PRACTICES •Plan Properly: Prior to the meet and confer, check with the court to see if there are any source code production standards. Make sure the meet and confer occurs early in the litigation process to avoid unnecessary delays. Discuss any litigation holds that might be required to avoid the destruction or loss of any potentially relevant source code. Provide valid and logical reasons for needing the production of source code, and have reasonable time and cost expectations. Identify and finalize proper date ranges and relevant software version numbers. Consider using a third-party service provider that specializes in source code collection and review. •Keep Costs to a Minimum: It is important to take cost considerations into account early on. Discuss any concerns with the court prior to starting the review of source code. The court's involvement in this discussion is crucial because sometimes the judge will have both parties contribute to the cost of source code review. Have a concrete understanding of production requirements to avoid overproducing or spending excess hours reviewing source code that is not relevant to litigation. •Be Prepared for Collection: Make sure the IT department or service provider knows where source code is stored and how it can be collected completely and efficiently. If the court mandates a third-party review of source code, be prepared to hire an outside forensic expert. •Create and Receive a Complete Source Code Production: Once the initial review process has been completed and relevant source code has been determined, the process of creating a production to provide opposing counsel with begins. It is important that the producing party determines the completeness of source code before handing it over to opposing counsel. Besides the code itself, other files that might be required or useful to produce include design documents, user manuals, project plans and bug reports. •Transfer Data to Opposing Counsel: When transferring data to opposing parties, produce the source code on encrypted key-based drives for added security. Be aware that some source code can take up to several terabytes of storage, which can take days to make a single copy. •Mitigate Risk: To help ensure only the appropriate people review source code, explicitly communicate your concerns with the court so the protective order can contain provisions — such as privilege logs — and sanctions regarding leaks. Ensure that any proprietary or sensitive information being turned over to opposing