The views expressed herein are those of the author and not necessarily the views of FTI Consulting, Inc, its management, its subsidiaries, its affiliates, or its other professionals.
Craig Earnshaw is a senior managing director at FTI Consulting where he founded the European technology consulting practice in 2006. He has over 20 years of experience handling the forensic technology aspects of some of the most complex disputes and investigations since the mid-1990s. Craig is a recognised expert in the technical and strategic application of forensic technology, often in multi-jurisdictional situations. His expertise includes disputes, merger clearance, competition investigations, regulatory inquiries and white-collar crime.
What approach do you take when handling large international mandates that require engagement with differing cultural attitudes to privacy of data?
Many of the engagements that we’re handling have international aspects, often including countries with strong data privacy regimes. Thankfully, the advent of the GDPR in 2018 and new data privacy legislation being implemented in other countries, have increased awareness that the data privacy aspects of a matter need to be considered at the outset. This often results in a need to deploy people and mobile technology platforms onto client sites to handle many aspects of the engagement in country. While this may increase the complexity of the solution that is implemented, it ensures compliance with the legislation.
How have the demands from regulators regarding data evolved in recent years when it comes to merger clearance proceedings?
In the US it has long been standard practice for companies to identify and disclose large volumes of internal documents as part of a second request, where a merger is deemed to have potential anticompetitive consequences. In Europe, even in large mergers that may have a significant impact on a market, this hasn’t historically been a requirement. In 2018 the European approach began to change, and we are now seeing a requirement to disclose internal documents in much greater alignment with the US process: high volumes of electronic material, often in very short time frames. The experience that we have gained responding to the demands of the US regulators has placed us exceptionally well for the new approach in the EU.
How are new technologies such as technology-assisted review and predictive coding being used to increase the efficiency of data analysis in investigations and litigation proceedings?
Although the volume of documents and emails continues to increase in disputes and investigations, the technologies to search and prioritise the review of these documents are also evolving. Taking us from historic “keyword and date range” searches to more advanced technologies including predictive coding and continuous active learning. These technologies enable those documents that are most likely to be relevant to be prioritised over those less likely. These algorithms learn from those documents that have been reviewed, and constantly re-prioritise upcoming documents, thus incorporating the latest findings. While we still see scepticism in some quarters to take advantage of the benefits that can be delivered, those clients who are embracing these technologies often gain a significant strategic advantage by having a better understanding of their position early in the proceedings and making better decisions on where to fold and where to fight.
How has the shift among clients from a reactive to proactive approach to data compliance and internal processes affected the type of work you are receiving?
We’re seeing corporations becoming much more proactive when it comes to the management of the data within their IT estate, including the implementation of information governance strategies to support this. This is, in part, being driven by requirements to adhere to new legislation such as the GDPR and to become more proactive about what data the corporation is storing, knowing where it is being stored, and what reason the corporation has for continuing to store it. Having better governance also enables the corporation to be better prepared to respond to requirements to collect, review and produce documents in disputes or investigations.
What challenges does the rise in multiple types of data and data sources in investigations pose for experts in this area? How do you ensure you are prepared to meet these challenges?
There is a plethora of new data types that are constantly appearing, either in the form of communications apps on phones, finance systems, or industry-specific technologies such as core banking systems. When additional data formats are coupled with increasingly decentralised IT estates – with data in locations such as PCs, mobile devices, servers, cloud storage archive systems and third parties, to name but a few – it makes the initial phases of an engagement much more complex. We’re being sought out by clients to bring our expertise to this process: to identify where relevant data is located, and to ensure the appropriate technologies and methodologies are being leveraged for defensible and complete preservation, all while maintaining compliance with legislation such as the GDPR.
As clients are becoming increasingly sophisticated, what are the main qualities they look for in an effective data expert?
Corporations and counsel are becoming more sophisticated in handling the basic aspects of e-discovery, as the requirement is now often such a core component of any dispute or investigation. We’re finding that clients are coming to us more frequently with a requirement to solve complex challenges – such as non-standard data formats, contracted timelines, very large investigations, and situations where a mobile review environment is required to comply with data privacy requirements, or where expert forensic analysis is required. Clients are looking for an expert who will advise them as to the best approach to take in a particular situation, and who will be able to apply the appropriate technologies and methodologies to achieve the required result – not just someone who will execute client requests.
How do you think your practice will develop over the next five years?
The data-related challenges that corporations are now experiencing are getting much broader in scope, and are requiring an expert with a detailed grasp of both the available technologies that can be leveraged to assist with an issue, as well as industry-specific, and industry technology-specific, expertise. Larger corporations, and law firms are developing internal capabilities to handle “business as usual” e-discovery requirements; however, where situations are more complex, and specific expertise is sought, this creates opportunities to evolve one’s practice to deliver more expert and advisory capabilities to help solve a corporation’s data-related challenges.
Craig Earnshaw is described by peers as “a top forensic expert”. He runs an excellent practice that sees him involved in such issues IP theft and fraud investigations.
Craig Earnshaw is a senior managing director in FTI's technology practice, based in the London office which he founded in 2006. For over 20 years Craig has worked solely in the forensic technology field and has amassed considerable experience in both the technical and strategic application of technology, and had delivered this for clients on some of the most complex and demanding matters that have taken place over this time.
Craig provides strategic advice to clients across all areas of FTI's forensic technology offering, and delivers specific counsel to clients in the areas of European Union-based evidence collection and disclosure, electronic data hosting for litigation and regulatory enquiries, and the impact of data privacy requirements on multijurisdictional disputes and investigations. His engagement experience includes cross-border disputes and regulatory inquiries relating to anticompetitive behaviour, cartels and price fixing, in addition to fraud, bribery, corruption and IP theft investigations.
Craig has provided both written and oral expert evidence relating to e-discovery and computer forensic analysis in the High Court in London, and has testified at depositions in the United States, as well as submitting written expert evidence into other forums such as employment tribunals and arbitrations.
Craig has authored numerous articles that have been published in the European and US legal and technical press, and is a frequent conference speaker on subjects including multijurisdictional investigations and data privacy.