Last week, I sat on a panel at Georgetown University (Advanced eDiscovery Institute) where the focus was on technology tools for bringing eDiscovery in-house. The concept is that, rather than spending on reactive data collections and third party consultants who charge by the project, what aspects of eDiscovery should be done with an organization's own people, process and technology.
The panel considered four types of technologies - email management, work-flow, search/collection, and review. Each have positive and negatives, which I summarize as follows:
Before discussing the technologies, one point had the universal support of the panel and the audience; namely, that no technology will fully succeed in helping to solve eDiscovery challenges unless the organization first understood where that technology fit into a defensible and repeatable process.
Email Archive/Management: there was strong agreement on the panel that a tipping point had been reached for most organizations, and it was more costly (both from a storage management perspective and an eDiscovery perspective) to do nothing versus building out an email archive. An archive allows the emails to be brought to one place where they can be found, de-duplicated, stored more efficiently, and importantly deleted at the end of a retention period. Without an archive, emails tend to end up as psts (personal archives on individual desktops and shared drives) or on backup tapes, where they're duplicated over and over, never deleted and the content is costly and risky to discover and preserve. The downsides of email archives include the lack of granular classification, and implementation cost (but those costs should be re-couped if the archive is done properly, and depending on the chosen policy).
Work-flow: this is a tool that does not control the flow of information, but rather automates aspects of the eDiscovery litigation hold process (ie rather than manually keeping track of which employees are subject to litigation holds on spreadsheets, this type of tool provides a dashboard for managing that process). There was general agreement that this type of tool was very helpful to the paramount issue of having in place a defensible process. It is typically a fit only for larger organizations who have so much litigation that they're willing to invest in a 'dashboard' to help manage it and reduce the risk.
Search/Collection: think of these tools as utilities that crawl unstructured environments and index them, allowing for much more efficient data collection. There was a difference of opinion about these tools, where one panel member thought they were not mature enough and that he was more comfortable doing manual collections that could be demonstrated to be forensically sound. I didn't get much of a chance to say so on the panel, but I disagree with that point of view. In my view, these tools are increasingly going to be leveraged by companies who want to collect and policy manage content that is sitting on file shares and desktops (and is outside of a central repository such as an email archive). Given that these tools allow for hashing and chain of custody, I believe they will more than meet the (developing) court requirements for authenticity and the admissibility of evidence.
Review: the concept here is that, after collecting content, it is loaded into a review platform (for attorneys to review each document and determine if it is responsive/non-responsive, and privileged/non-privileged). Today, most review is hosted by third parties, but a small number of organizations have brought these review platforms in-house. There did not seem to be a huge amount of support for this type of application. My point of view is that eventually this type of tool might be brought in-house by some organizations, but for now, what I see organizations doing, is focusing on the core issue, which is how the information is being managed in the first place, rather than focusing on how it gets reviewed on the back end.
The bottom line for me was (i) you must have a defensible process, (ii) technology is increasingly being leveraged and in-sourced because a purely outsourced model is expensive, and (iii) the core issue to be addressed is the policy management of information throughout its lifecycle. --A
Comments