An ESI protocol is the agreement between parties that governs how electronically stored information will be identified, collected, processed, reviewed, and produced throughout discovery. It is, in effect, the roadmap for the entire discovery process. And like any roadmap, if it leads you in the wrong direction, you will waste enormous amounts of time and money getting back on track — if you can get back on track at all.
The consequences of a poorly drafted ESI protocol are severe. When the protocol fails to address a critical issue — the format of production, the handling of metadata, the treatment of hyperlinked files — the result is typically a discovery dispute that lands before the court. These disputes consume judicial resources, strain the relationship between counsel, and generate costs that dwarf the effort required to get the protocol right in the first place.
Courts have increasingly recognized the importance of ESI protocols and are less tolerant of parties who fail to negotiate them in good faith. Under Federal Rule of Civil Procedure 26(f), parties are required to discuss ESI issues during their initial meet-and-confer, including the form of production and any issues relating to the preservation of ESI. Many jurisdictions have adopted local rules or model ESI orders that provide frameworks for these agreements, but the details must be negotiated case by case.
The most common mistake practitioners make is treating the ESI protocol as a formality — a document to be signed and filed without careful analysis of its implications. An overly aggressive protocol can commit you to production obligations that are technically infeasible or financially ruinous. An overly vague protocol can leave critical issues unresolved, inviting disputes at the worst possible moment. The goal is a protocol that is specific enough to prevent disputes but flexible enough to accommodate the inevitable surprises that arise during discovery.
Before you sit down to negotiate an ESI protocol, you need to understand your own data. Conduct a technical feasibility assessment that maps every data source potentially at issue in the litigation. This includes email systems, file servers, cloud storage platforms, collaboration tools (Slack, Teams, SharePoint), databases, enterprise applications, and mobile devices. For each data source, determine the volume of data, the available export methods, and any technical constraints on collection or production.
Understanding export formats is particularly critical. Not all data sources support all production formats. Some legacy systems can only export data in proprietary formats that require specialized processing. Some cloud platforms limit the metadata fields available for export. Some applications generate data that does not have a meaningful "document" equivalent — database records, for example, or structured data within enterprise resource planning systems. Knowing these limitations before you negotiate prevents you from agreeing to obligations you cannot fulfill.
The feasibility assessment should also identify metadata fields available from each data source. Different systems capture different metadata. Email systems typically provide sender, recipients, date, subject, and attachment information. File systems provide file name, path, creation date, modification date, and file size. Some systems capture additional metadata like author, last printed date, or version history. You need to know which metadata fields are available before you can agree to produce them.
Finally, assess attachment and family relationships. How are email attachments linked to parent emails in your system? Can your processing tools maintain these relationships? What about embedded objects, linked files, and container files (ZIP archives, PST files)? The treatment of family relationships is one of the most common sources of ESI protocol disputes, and understanding your technical capabilities in advance is essential to negotiating reasonable obligations.
The production format is arguably the most important provision in any ESI protocol. The three primary options are TIFF (tagged image file format), native, and hybrid (a combination of both). Each has advantages and limitations, and the right choice depends on the nature of the documents, the needs of the receiving party, and the requirements of the case.
TIFF production converts documents to static images, which can be Bates-stamped, redacted, and endorsed with confidentiality designations. This is the traditional approach and remains the default in many jurisdictions. However, TIFF production strips away interactivity: spreadsheets lose their formulas, presentations lose their animations, and the receiving party cannot search within the document images without a corresponding text file. For document types where interactivity matters — Excel spreadsheets, PowerPoint presentations, CAD drawings — native production is often more appropriate.
Native production delivers files in their original format, preserving all functionality. The receiving party can open a spreadsheet and interact with its formulas, or review a database in its native application. The trade-off is that native files cannot be Bates-stamped in the traditional sense (though unique document identifiers can be assigned in load files), and redactions are more complex. A hybrid approach — TIFF for standard documents, native for specialized file types — is increasingly common and often represents the best of both worlds.
Agree on the specific metadata fields to be produced. At a minimum, most protocols require document ID, Bates range, custodian, source, file name, file extension, file size, author, date created, date modified, date sent, sender, recipients (To, CC, BCC), subject, and MD5 hash. The Federal Production Remediation case study illustrates the consequences of getting this wrong: the original production required remediation precisely because it failed to include all 32 metadata fields required by the protocol. Agree on Bates numbering conventions — prefix, delimiter, number of digits — to prevent formatting inconsistencies that complicate cross-referencing.
One of the most contentious issues in modern ESI protocols is the treatment of hyperlinked files. When a document contains a hyperlink to another file — a link to a SharePoint document within an email, for example, or a hyperlink to a Google Drive file within a Slack message — is the linked file part of the "document" for production purposes? The answer has significant implications for scope, cost, and burden.
The traditional rule for email attachments is straightforward: attachments are part of the email family and must be produced together with the parent email. But hyperlinks are functionally different from attachments. A hyperlink points to a file that may be stored in a different system, may have been modified after the link was created, and may be accessible to many people beyond the author of the linking document. Courts have reached different conclusions on whether hyperlinked files must be produced as part of the document family.
Slack and Microsoft Teams data present particularly complex challenges. These platforms generate continuous, threaded conversations that do not map neatly to the traditional "document" paradigm. Slack data includes channels, direct messages, threads, reactions, file uploads, and integrations. Teams data is even more fragmented, with messages stored in Exchange Online, files in SharePoint, and meeting recordings in OneDrive or Stream. Your ESI protocol must address how this data will be collected, processed, and produced.
The best practice is to address these issues explicitly in the protocol rather than leaving them to be resolved through costly meet-and-confer sessions after disputes arise. Specify whether hyperlinked files will be treated as attachments. Define how Slack channels and Teams conversations will be segmented for review. Agree on how threaded conversations will be produced — as individual messages, as complete threads, or as consolidated conversation exports. Addressing these issues up front prevents the discovery disputes that consume disproportionate time and resources.
No ESI protocol can anticipate every issue that will arise during discovery. The best protocols build in flexibility mechanisms that allow the parties to resolve unforeseen issues without judicial intervention. Start with a meet-and-confer provision that requires the parties to discuss and attempt to resolve ESI disputes before filing motions. Specify the timeframe for response (e.g., five business days) and the method of communication (e.g., email followed by phone conference if not resolved).
Include a dispute resolution mechanism for issues that cannot be resolved through meet-and-confer. Some protocols designate an ESI special master or a discovery referee who can resolve technical disputes without burdening the court. Others provide for expedited briefing on ESI issues. The goal is to create a process that resolves disputes quickly and efficiently, keeping discovery moving forward rather than grinding to a halt while motions are briefed and decided.
A clawback provision is essential in every ESI protocol. Under Federal Rule of Evidence 502(d), a court can order that the inadvertent disclosure of privileged material does not constitute a waiver — and this protection extends to all courts and proceedings, not just the case in which the order is entered. A 502(d) order provides critical protection against privilege waiver when dealing with large-volume productions where the risk of inadvertent disclosure is inherent. Negotiate for a 502(d) order and include its terms in the ESI protocol.
Finally, build in provisions for protocol amendment. As discovery progresses, new data sources may be identified, new custodians may become relevant, and production requirements may need to be adjusted. A protocol that cannot be modified without court approval creates unnecessary rigidity. Include a provision that allows the parties to amend the protocol by mutual agreement, with either party retaining the right to seek judicial intervention if agreement cannot be reached.
DecoverAI's platform is designed to support compliance with even the most demanding ESI protocols. The platform supports multiple production formats, including TIFF with extracted text, native file production, and hybrid approaches that combine both. Users can configure production settings to match the specific requirements of their ESI protocol, including Bates numbering format, metadata field selection, and image endorsement (confidentiality stamps, page numbering).
Configurable metadata is a core feature of the platform. Users can select from dozens of metadata fields for inclusion in load files, and the platform automatically extracts and normalizes metadata from all supported file types. Whether your protocol requires 10 metadata fields or 32, the platform generates compliant load files in Concordance DAT, Relativity, or other standard formats. Metadata validation checks flag any documents with missing or inconsistent metadata before production.
The platform's ability to handle large volumes is demonstrated by The Pointe case study, where DecoverAI processed over 1 terabyte of data comprising more than 1 million files. The platform handled de-duplication, metadata extraction, file-type identification, and production formatting at scale — the kind of volume that would overwhelm manual workflows or smaller eDiscovery tools. For complex cases with demanding ESI protocols, this processing capacity is essential.
DecoverAI's pricing model — $60 per gigabyte for processing and hosting — makes ESI protocol compliance accessible to legal teams of all sizes. There are no per-user fees, no seat licenses, and no premium charges for advanced production formats. Whether you are a solo practitioner handling your first ESI protocol or a large firm managing multi-terabyte productions, the platform provides the technical capabilities needed to meet your obligations without the overhead of traditional enterprise eDiscovery tools.