In my last article on the topic of electronic discovery, I began the conversation about a term we use called “processing”. Now we will discuss one of the stages within the workflow of processing electronic discovery referred to as “deNISTing”.
Why did I type part of the word in all caps? Because it includes an acronym. We use the “NIST list” to perform this step. The NIST list is generated several times a year by the National Institute of Standards and Technology as part of a project called the National Software Reference Library. Believe it or not, it is simply a list of millions of file types, such as Microsoft Word (*.docx) or Adobe Acrobat (*.pdf) and includes a corresponding hash value for each file type. I believe that some service providers will enhance their master list of file types by adding newer file types that haven't yet made it onto the latest version of the NIST list.
The processing software will use this “known file type list” to compare it against the electronic discovery files collected from a particular custodian. The goal is to automatically set aside files that are unlikely to contain relevant information or files that were not created by a user. An example would be executable files (*.exe), device drivers (such a printer driver file), or files that are part of a software installation (*.dll, *.ini, *.chm). We sometimes refer to these as “system files”.
NOTE: An exception to setting aside “system files” as irrelevant would be an intellectual property case where software development is an issue in the case.
Most processing software will not simply rely on the file extension to identify the file type. The software will also check the file header as well. Unfortunately, some non-techie users have been known to change the file extension when naming a file. They do it without thinking about the consequences. So, a Microsoft Word document can be accurately identified by reading the file header even if the file extension has been changed from *.docx to *.version1 by a user.
The overall goal is to save time and money by decreasing the number of documents that attorneys need to review for relevance and potentially produce. The deNISTing process is one stage of processing electronic discovery that helps to achieve this goal.