A conversation with Ryan Bosselman, Chief Operating Officer, ModeOne
Q: At what point does mobile collection shift from a task to an operational risk?
Ryan Bosselman: Having overseen eDiscovery operations at scale, across global teams and multiple lines of business, I’ve seen this play out repeatedly. It becomes an operational risk the moment it’s treated as a one-off activity instead of a repeatable process. In smaller matters, you can sometimes get away with ad hoc approaches. But as soon as you’re dealing with multiple custodians, multiple matters, or tight timelines, inconsistency starts to compound.
That’s where things break down; different teams doing things differently, unclear documentation, inconsistent outputs. It’s not just inefficient, it’s risky. If you can’t demonstrate that your process is consistent and defensible across matters, you’re exposed.
Q: What does “chaos” actually look like in mobile collection today?
Ryan Bosselman: Chaos usually isn’t obvious at first. It shows up as friction: delays in getting started, confusion around scope, back-and-forth between legal and IT, inconsistent data outputs.
You might have one team collecting full images, another trying to manually pull messages, and a third using a different tool altogether. There’s no standardization, no central visibility, and no clear accountability or audit trail across matters.
At scale, that kind of fragmentation creates serious problems. You lose control of the process, and more importantly, you lose confidence in the outcome.
Q: What does “control” look like in contrast?
Ryan Bosselman: Control comes from standardization. That means defined workflows, consistent tooling, and clear expectations across teams.
Every collection should follow the same process – how it’s initiated, how data is scoped, how it’s collected, how it’s documented. When that’s in place, you gain predictability. You know what the output will look like, how long it will take, and how to defend it if challenged.
It also reduces the burden on internal teams. Instead of reinventing the wheel every time, you’re executing against a proven framework.
Q: Where do organizations typically struggle when trying to scale mobile collection?
Ryan Bosselman: The biggest challenge is alignment. Legal, IT, compliance all have different priorities, and without a unified approach, things get siloed quickly.
Another issue is legacy thinking. A lot of organizations are still applying workflows that were designed for desktops and servers to mobile devices. That doesn’t translate well, especially in a BYOD environment where privacy and access are major considerations.
And then there’s the lack of standardization. Even organizations with strong teams often don’t have a consistent, repeatable process in place. That’s what prevents them from scaling effectively.
Q: You’ve managed large-scale eDiscovery operations. What separates high-performing teams from the rest?
Ryan Bosselman: High-performing teams treat collection as a system, not an event. They have vetted, standardized tools defined workflows, and clear policies around things like BYOD and communication platforms.
They also prioritize consistency. Every matter follows the same playbook, which makes it easier to manage risk, control costs, and move quickly when needed.
Most importantly, they’re proactive. They’re not figuring things out in the middle of a matter, they’ve already built the infrastructure to support it.
Q: When people think about risk in mobile discovery, they often think about tools or security. What are they missing?
Ryan Bosselman: They’re missing the fact that most risk has little to do with the technology itself. It comes from how the process is executed.
You can have the best tools in the world, but if your workflows aren’t standardized, your documentation isn’t consistent, or your teams aren’t aligned, you’re still exposed.
Risk lives in the gaps – between teams, between processes, and between what you think is happening and what’s actually happening.
Q: What are the most common non-technical risks you see?
Ryan Bosselman: Inconsistency is a big one. If collections are handled differently across matters, it becomes very difficult to defend your process.
Lack of documentation is another. If you can’t clearly show what was collected, how it was collected, and why, you’re opening the door to challenges.
And then there’s over-collection. Taking more data than necessary increases review costs and creates unnecessary privacy exposure. That’s a risk a lot of organizations underestimate.
Q: How does human error factor into mobile discovery risk?
Ryan Bosselman: It’s one of the biggest factors. Anytime you rely on manual processes or case-by-case decision-making, you introduce variability.
That doesn’t mean people are doing anything wrong; it just means the process isn’t designed to eliminate error. The goal should be to build workflows that are consistent and repeatable, so the outcome doesn’t depend on who’s executing it. My background is in measuring and modeling variability; that lens translates directly here. When you design a process, you’re essentially building in controls that reduce variance in the outcome. That’s what makes it defensible.
Q: Where do you see organizations underestimating risk the most?
Ryan Bosselman: BYOD environments are a big one. There’s often an assumption that existing policies or workflows are enough, but mobile data introduces a different level of complexity, especially when personal and professional information are intertwined. Being responsible for ModeOne’s privacy program, I see this tension regularly. Privacy considerations aren’t an afterthought, they have to be designed into the collection process from the start, or you create exposure on both ends.
Another area is speed. There’s pressure to move quickly, which can lead to shortcuts or poorly documented processes. Speed is important, but it has to be paired with structure. Otherwise, you’re creating downstream risk.
Q: How can organizations shift from reactive to proactive when it comes to mobile discovery?
Ryan Bosselman: It starts with treating mobile collection as a core operational function, not something you figure out when a matter arises.
That means defining your workflows in advance, aligning legal and IT, and implementing tools that support consistency and defensibility.
When that foundation is in place, you’re not reacting to each new situation, you’re executing against a system that’s already been designed to handle it.
Q: If you had to give one piece of advice to organizations trying to reduce risk in mobile discovery, what would it be?
Ryan Bosselman: Start with the process, but don’t underestimate the role technology plays in making that process possible.
The two are deeply connected. You need to select technology that can actually support a repeatable, defensible workflow, one that meets your legal and privacy obligations, scales across matters, and gives you consistent, auditable outputs. The right technology isn’t just a tool; it’s what makes the process sustainable.
If you get both right, purpose-built technology and a standardized process built around it, you’re not just reducing risk. You’re building a genuine operational advantage.