If the Nuix User Exchange at Huntington Beach in California last week was dominated by Nuix’s acquisition of Ringtail (I wrote about that here), that is hardly surprising. It was not, I think, the original plan – there was plenty else on the agenda – but this acquisition has generated more interest and excitement than any I have seen.
The opening keynote by Global CEO Rod Vawdrey took care to cover the many other things which Nuix does. Nuix, he said, had listened to its partners and customers over a range of activities and had responded.
Nuix Global CEO Rod Vawdrey
Users wanted Nuix to be more in the cloud. They wanted more automation and closer orchestration of all Nuix products in a seamless environment. They wanted a more complete solution “from endpoint to courtroom”, and wanted to get their eyes quickly onto the documents which mattered. New problems arose and old ones expanded – he referred in particular to the proliferation of different types of data and the complexity of dealing with social media. Clients wanted to be able to “ask any question of the data”, for discovery, forensics, incident response and compliance, with the GDPR as an obvious example of an imperative. Users needed to get closer to the point of an event with near real-time response, closing the gap between an incident and the reaction to it.
Nuix Global CEO Rod Vawdrey – delivering what customers had asked for
Turning to the Ringtail acquisition, Rod Vawdrey said that roughly half of the software market was for processing while most of the rest was in review. There had been a lot of consolidation in the market. Customers benefit from consolidation because scale brings unit costs down, but there is often an integration challenge when one software company buys another. That, he said, was not a problem which Nuix had to solve with Ringtail because the two companies had worked together, particularly in the last three years, so that technical integration existed from the beginning of the acquisition.
He said that Nuix would continue to work with others for processing whilst developing its own better and more complete solution with seamless integration.
Bill Adams, Head of Ringtail, described the last few years of development as a “turnaround story”, with new features, the development of a SaaS solution, and a sophisticated process for managing continuous development on a single code base, all resulting in a 40% growth.
Bill Adams, Head of Ringtail
Jonathan Rees, CEO EMEA, focused on a particular problem-solving case study – a company which faced a difficult problem with Subject Access Requests which, it had been estimated, would take 18 months to solve – an unacceptable timescale even before the GDPR came into force. The Nuix solution reduced that gap to hours, not just solving the existing problem but stream-lining the company’s ability to react to future requests.
Nuix CEO EMEA Jonathan Rees
CTO Stephen Stewart had the task of “taking all the things which Nuix does and cramming it into 35 minutes”. He talked first of data lakes (“not data ponds”) which were far from the idealised picture of a clear blue stretch of water once you looked at what was being pumped into them. Nuix, he said, offered speed, consistency and a repeatable and defensible way to queue up the processes and let them run across multiple stores of widely varying data types.
As to the Ringtail acquisition, Stephen Stewart emphasised that Nuix “never left eDiscovery”. When the subject of Ringtail first came up, he had not seen it for many years and thought that it was old technology. He had quickly changed his view on seeing Ringtail as it is now.
It had, he said, “every feature I have ever seen on any RFP that I have responded to in the last 10 years”. I interviewed Stephen Stewart shortly after his speech and will leave the detail of his enthusiasm to be covered in that.
The best non-Nuix session was given by Theresa Payton, CEO of Fortalice Solutions LLC. Its title, Hype or Reality? Your workplace and blockchain, cryptocurrency, artificial intelligence, machine leading, and the Internet of Things seemed over-ambitious for a 60-minute talk, but Theresa Payton touched (and usefully) on all of them. Along the way, she brought in misinformation campaigns, unconscious bias in artificial intelligence, the monetisation of apparently dull personal data, and the downsides of the tea-maker which knows when you get to work (if it does, then so does the hacker).
How many different providers are involved in a single device, each with its own terms and conditions? How long is the supply chain? What standards do they observe? Who is observing them?
Given all that, how should all these things be regulated? Regulation from governments or international standards was not the answer, not least because it would arrive too late for the then-prevailing technology. Regulation tends to come down to the ticking of check-boxes – “we’ve done the right thing because we’ve checked all the boxes”. The industry must take a stand and take the lead in self-regulation.
I moderated a panel called 4 months on – GDPR winners and losers with Brian Tuemmler and David Smith of Nuix, and Rebecca Beard of Gilead. While it might be considered premature to draw up a balance sheet of winners and losers, we can begin to see who might fall into one category or the other. There is a difference between breach of personal data and misuse of personal data in terms of culpability and therefore of potential fines. Not all breaches are equal, in terms either of their effects or of the blame and punishment for the causes. The aftermath – how companies deal with the problem, the regulator and the affected customers – will go into the scales in assessing the fines, but it is too early to guess what they might be, and unhelpful simply to imply that everyone is liable to face the maximum fines.
Companies facing high volumes of subject access requests would be losers – they already were losers indeed, judging by some of the anecdotes in circulation. A loser can be converted into a winner, as in the example which Jonathan Rees had given us that morning of a DSAR situation which Nuix had remedied for its customer.
The winners include – well, pretty well every individual who now had better protection for their private data, not just under the GDPR but in the growing number of jurisdictions planning privacy regulations. Companies which complied with pre-existing regulations, or who had moved quickly to identify defects and begun to remedy them, were clearly winners, at least relative to those who had not.
We quoted from a survey which showed that many organisations s seem to have little confidence in their own readiness to face privacy challenges. They had no idea either of the potential cost of either of dealing with routine matters like subject access requests or of facing the consequences of a security breach. If you have no idea of the downside, how can you determine the degree of preparation (and budget) needed to anticipate them?
The overriding message was effectively the same as it has been since we first heard of the pending GDPR – while there are significant potential downsides for those who have taken no steps to prepare, there are positive benefits for those who have done so.
My other reason for being at the Nuix User Exchange was to do a lot of video interviews. Usually, I take one or two of my sons and a pile of equipment, and we do our own filming and processing. This time Nuix did all that, leaving me to conduct the interviews. The best (or at least the most fun) was my interview with Ari Kaplan. Despite covering the same subjects for many years, we have never actually done anything together and I look forward to seeing the results of that interview.
Nuix is always good at the social side of its events. There were activities such as surfing on Sunday before the event started, and each evening brought a party, two of them out on the lawn overlooking the beach. At Huntington Beach that means overlooking the sunset and no one was complaining at that.
This was an excellent event, even without the added spice of the Ringtail acquisition. A lot of learning was done, both in the many technical sessions and in those, like my GDPR panel, which covered the context in which the technology is used.
The addition of Ringtail will bring new audiences next year. Hitherto the emphasis at this event has been on technical aspects. Next year we can expect more lawyers and other users.