How to Become Litigation Ready

Posted on November 24, 2010

0


eDiscovery is a process that is completely driven by litigation response: if you are involved in litigation and have received a legal hold letter, you must follow the legal rules and best practices to avoid fines, sanctions and worst case: severe damage to your reputation and the potential for additional law suits and investigations.

Organizations that have to respond (react) to serial litigation often decide to proactively become more litigation ready to prevent high costs, risk and interruption to business operations. They make the conscious decision to move from litigation response to litigation readiness.

ZyLAB

A Strategy to Become Litigation Ready?

To start with, here is a phased strategy to become litigation ready:

Phase 1:

–        Create a data map for your most legally risky archives.

–        Define a strategy to bring eDiscovery in-house. Start with Legal Hold (identification), collection, processing, early case assessment and legal production. Then implement legal review tools for 3rd parties, especially since most external law firms insist on using their own internal review tools.

Phase 2:

–        Bring eDiscovery in-house. Use and maintain a defensible methodology in parallel.

–        Define a strategy for Enterprise Information Archiving. Start with email, file shares, SharePoint, and possibly backup tapes and structured information. Continue if needed with cloud, multimedia and other off-site repositories.

–        Create and maintain a data map for your entire organization.

A year from now you should be here:

–        eDiscovery has become and internal, daily operating procedure.

–        You are prepared to respond to litigation because your most legally risky files are stored and accessible via EIA principles.

–        You continue to expand these principles in your organization to other legally risky files, other geographical locations, other divisions and outsourced, hosted and other off-site data collections.

The Road to Litigation Readiness

Now how can we do that? Pursuing litigation readiness falls in two parallel paths: one the one hand instituting proper tools and processes for eDiscovery, one the other hand, following Enterprise Information Archiving (EIA) principles. Where should you start? How will you succeed? How can you turn eDiscovery into a daily operating procedure and into a defensible and repeatable process? How can you use early case assessments to your benefit? Even if your organization sees little more than one large litigation each year, you may want to address these questions and consider bringing eDiscovery in-house and applying the principles of litigation readiness (see Gartner’s “eDiscovery Vendor Pricing: Quick Return on Investment if you know where to look”, Debra Logan and Whit Andrews, G00167273).

First, you will need to respond properly to a legal hold request and understand and follow the rules of the Federal Rules of Civil Procedure (FRCP) or other legislation you are subject to. Execute your legal hold interviews properly and create a legal hold report as soon as possible to determine who the relevant custodians are and where the data you need to collect is. This is a very process-driven activity that you and your legal counsel can bring in-house by automating the legal hold workflow, follow-up, auditing and reporting.

Where is your data?

Let’s start by looking at various locations and sources where the data that you have to collect may reside, so we can determine and prioritize the archives which we would like to make litigation ready first. There are:

–          Email

–          File shares

–          MS SharePoint

–          Backup-tapes

–          ERP, CRM, WCM and other structured databases

–          Cloud

–          Phone systems

–          Copiers and other MFP’s (spell out?)

–          Mobile devices

–          Home computers

–          Portable storage such as CD’s, DVD’s and USB drives.

Email

In more than 80% of all legal holds, email is part of the data that needs to be collected. All emails can be classified in one of the following categories:

–          Governance: a full dump of selected mailboxes on the email server.

–          eDiscovery: custodian driven collections from servers and file locations.

–          Records: archive emails from email client (Outlook, GroupWise & Notes) directly into RMA system with filing plan.

–          Business: archive emails by customer or project.

–          Transitory: non-archived email can be removed after 30 or 60 days.

Each of these categories has different retention requirements. What policies apply to you depend on your business and on the regulations that apply to you. Not everyone needs DoD 5015.2 or SEC compliant email archiving. Based on the requirements, you can select the right email archiving tools and setup the right email policy for your organization.

File Shares

Collecting from file shares is not as hard as it may seem, as long as you have the right software in place. With many of these tools, you can also execute retention policies and implement early case assessment. Make sure you can full-text index all data (also incrementally) and make sure whatever data manipulation action you perform is audited.

MS-SharePoint

SharePoint presents significant challenges for IT departments that are involved in eDiscovery. Many organizations have moved data from file shares into MS-SharePoint, and by doing so, they often create a new form of large unstructured and non-governed collections. When you use MS-SharePoint in your organization ensure you can:

–          Archive projects and documents based on various policies (closed, size, age, persons involved, set retention or expiration date, activity) into a open sustainable file format (such as XML and native files).

–          Do this with or without stubbing (replacing an object with a pointer to another low-cost storage location, so less expansive memory is occupied on the MS-SharePoint server).

–          Implement real-time archiving of files and projects.

–          Optionally, include all (hidden) meta-information in your archiving.

–          Allow Federated search to your archives from within MS-SharePoint.

By now, you will have covered 90-95% of all the data you will have to worry about. There will be cases that you need to collect from other sources such as backup-tapes, ERP, CRM, WCM and other structured databases, the cloud, phone systems, Copiers and other multi-functional printers (MFP’s), mobile devices, home computers and portable storage such as CD’s, DVD’s and USB drives. But since these collections are too numerous to count, can be widely dispersed, and are much harder to get under control, you should ask yourself whether an investment in litigation readiness will pay back. It may be more cost effective to address these infrequent sources on a case-by-case basis.

At the end of the day: you will have to start somewhere and email, files shares and MS-SharePoint are a much more sensible start.

Use and Maintain a Defensible and Repeatable Processes

Responding to requests for electronic information can be perplexing. First, identifying responsive information from huge stores of data can be time consuming, disruptive, and costly. Second, extracting data from computers in ways that reliably preserve evidence is not a simple task, as data can easily be altered either intentionally or accidentally. Recognizing these facts, litigators and investigators in both civil and criminal matters have begun to focus carefully on electronic discovery and the role of computer forensics — the science of reliably recovering and handling electronic storage media and the data contained therein so as to provide the appropriate foundations for admissible evidence.

Keep these main objectives in mind:

–          Avoid penalties, fines, cost of redoing the work, new strict deadlines for new productions, and bad PR.

–          Avoid sanctions for data spoliation and scrutiny of process, rules and methodology.

–          Leverage audits reports and implement quality control mechanisms.

–          Know what you do with information and know exactly how your tools work.

–          Be able to defend your processes in court against objections from opposing counsel.

This is why you need a well documented and proven methodology, including embedded quality control, auditing and a fully documented chain of custody.

The necessity to have a defensible, auditable and repeatable process in place, applies not only apply to bringing eDiscovery in-house, but also to executing and implementing enterprise information archiving, records management and other information governance processes.

Becoming Litigation Ready and bringing eDiscovery in-house is a profitable and worthwhile initiative, but one which requires careful implementation, quality control, auditing and a clear understand of how your eDiscovery technology works. If you bring eDiscovery in-house yet you handle it improperly, your ultimate costs can be significantly more than what you would have paid to outsource the work.

What technology do you need at minimum to become Litigation Ready?

 

eDiscovery software (SaaS or on-premise) for:

–          Distributing and managing legal hold interviews

–          Generate legal hold reports

–          Auditable collection of data from various sources

–          A dedicated eDiscovery server for preservation purposes

–          Processing tools for de-duplication, file and document property extraction, processing of embedded documents, bitmap recognition and OCR, and additional content analytics for automatic  first pass review.

–          Early Case Assessment with the right type of exploratory search techniques (text and content analytics, fuzzy, wildcard, faceted, proximity, quorum, concept search, data visualization, relevance ranking and many other tools, see also: https://zylab.wordpress.com/2010/09/23/what-is-the-term-%e2%80%98early-case-assessment%e2%80%99-really-about/ )

–          Web based Legal Review and redaction tools for 3rd parties

–          Legal Production tools that are capable to generate the main legal review formats.

Enterprise Information Archiving tools for at least (https://zylab.wordpress.com/2010/06/11/why-you-need-email-archiving-today-and-enterprise-information-archiving-tomorrow/ ):

–          Email

–          File Shares

–          MS-SharePoint

And if you have regular collections and eDiscovery cost, also consider optimizing Enterprise Archiving and eDiscovery policies for other collections such as: backup-tapes, ERP, CRM, WCM and other structured databases, the cloud, phone systems, Copiers and other MFP’s, mobile devices, home computers and off-site storage such as CD’s, DVD’s and USB sticks.

Advertisements