Internal Investigations: Quest for Investigative Search Terms

Following up on our recent blog in a series about internal investigations, let us start this one by noting that this problem is real. Between enforcers and the outside auditors, in virtually every internal investigation there will be a request to review a copy of the search term list. In almost every case, lawyers who acceded to such a request do so at their clients' peril. To understand why counsel's tailored and carefully thought-out search term list can reveal an attorney's strategy and thinking, consider this list: (John /2 Doe) w/50 (brib! or FCPA or corrupt!) /50 government! w/2 offic! w/50 (Prague or "Czech Republic" and da(2020)). Even this short Boolean string provides more than a subtle clue that the attorney who drafted it believes there might be evidence that John Doe, in or around 2020, engaged in bribery of a foreign official in the Czech Republic. Using the parlance of Federal Rule of Civil Procedure 26, can there be a real dispute that this search term list reveals the attorney's "mental impressions, conclusions, opinions, [and] legal theories"? Today's standard-issue employee using emails, posting on social media accounts, conducting online searches, or communicating on collaboration apps, creates a staggering 600 megabytes of data per day. This is the equivalent of up to 300,000 pages of paper. The attempt to cut through the clutter and use carefully crafted search terms to narrow down the evidence to a list of relevant documents or emails is, therefore, part of today's internal investigation.