In 2003, securities giant UBS Warburg was sued by one of its salespersons in what seemed to be a fairly commonplace employment discrimination suit. The way the company handled its electronic information once the suit was filed landed it in deep trouble, however.
More compliance FAQs?
Get caught up on regulations and more with our
In 2004, a court found that UBS Warburg failed to save emails that might have been used as evidence against it and ordered the company to pay the employee $29.3 million. The landmark case, Zubulake v UBS Warburg, broke new ground for electronic data that must be produced during a lawsuit, a requirement known as electronic discovery, or e-discovery. Since then, the law and practice surrounding the legal obligations for handling e-discovery have continued to evolve.
Key Briefing: How State Farm saves millions on electronic data discovery
State Farm wanted control over and consistency within its e-discovery process. By keeping 25 years' worth of documents in production systems fronted by a master management system, the company greatly reduced the cost of responding to lawsuits.
- What is e-discovery?
- What is generally required by e-discovery?
- Who or what is affected by e-discovery?
- What is the role of IT in e-discovery?
- What are the penalties for noncompliance with e-discovery laws or regulations?
When a company is sued, the parties in the lawsuit ask for documents and other evidence from each other so they can fully explore the facts of the case prior to a trial. E-discovery is the process of exchanging documents and other information in electronic form. Lawyers define this as electronically stored information (ESI). E-discovery involves identifying, locating, retrieving and handing over the requested information. Because the lion's share of corporate information is now stored electronically, e-discovery can be a complicated, time-consuming and expensive process.
The IT Manager's Guide to e-Discovery
In this e-book from SearchWinIT.com, learn more about e-discovery and how IT shops should prepare for it.
Data of all types can be used as evidence during the e-discovery process, according to WhatIs.com's definition for e-discovery: "This can include text, images, calendar files, databases, spreadsheets, audio files, animation, websites and computer programs. Even malware such as viruses, Trojans and spyware can be secured and investigated. Email can be an especially valuable source of evidence in civil or criminal litigation, because people are often less careful in these exchanges than in hard-copy correspondence such as written memos and postal letters."
E-discovery: A primer for financial organizations
E-discovery has led to some confusion at financial firms. Learn more about why e-discovery is important, how it applies to your organization and what you should be doing about it.
As recently as Dec. 1, 2006, the U.S. Supreme Court amended the Federal Rules of Civil Procedures to account for the discovery of electronic information. The amendments created a category for ESI, specifically mentioning email and instant messages as records that should be saved and turned over when relevant.
Discovering e-discovery services: How information security pros should prepare
Updates to the federal regulations governing the disclosure of electronic information during litigation changed e-discovery rules and the role that information security officers must play.
Once an organization becomes aware that it is being sued or is about to be sued, it must preserve all relevant records. This process, known as a litigation hold, is designed to prevent anyone from destroying or altering evidence. If an organization doesn't properly implement a litigation hold, it can end up getting hit with heavy sanctions.
When parties to a lawsuit initially get together to talk about the e-discovery process, they start with a list of all potentially relevant electronic data and then discuss surrounding issues such as timing, collection methods and costs. They talk about how they will preserve data and what format they will deliver documents in. The goal is to agree on preserving the necessary data without overly disrupting the company's business, which can be accomplished by integrating e-discovery and the litigation process.
E-discovery management: How IT should interact with the legal team
Amid the growing importance of electronic discovery, it's critical that an organization's IT team strike a good working relationship with its legal team.
Despite the complexity and potentially high cost of the legal discovery process, there are no exact guidelines or standards for the process. Software programs are increasingly available to ease the burden. Vendors, attorneys and end users also collaborated to develop a framework for the process, called the Electronic Discovery Reference Model (EDRM).
EDRM breaks the process down into six steps: information management; identification; preservation and collection; processing, review and analysis; production; and, finally, presentation. The first step, information management, begins well before litigation and essentially involves "getting your electronic house in order." Identification is the process of locating potential sources of information. Preservation means protecting the data from being inappropriately altered or destroyed. The processing, review and analysis step includes evaluating the data for relevance and putting it in a format suitable for handling. Production means delivering the data in an appropriate form. And presentation is displaying it at a deposition, hearing, trial or other venue.
E-discovery and building a document retention policy
This five-part e-discovery tutorial from SearchStorage.com provides an overview of the 2009 e-discovery market, with insight from users, vendors and corporate counsels. Learn more about purchasing an e-discovery software tool, understanding EDRM and setting e-discovery policies.
A wide range of employees throughout an organization can be affected by e-discovery law. In addition to the legal and risk management teams, the IT team -- which can include the CIO, security professionals, system administrators and other "document custodians" -- is directly involved.
In a less direct way, e-discovery affects more or less an entire organization -- including end users, who create and store documents.
School districts wrestling with ABCs of electronic discovery, compliance
For many public schools, confusion about the legal requirements and a lack of funding present roadblocks to data compliance.
E-discovery experts recommend that everyone in an organization follow a consistent data destruction policy to prevent fishing expeditions by the opposing side. In this regard, the entire organization is affected by the potential for e-discovery, even when no lawsuit has been filed.
Email archiving and e-discovery best practices for Microsoft Exchange
Learn Exchange Server email archiving and e-discovery best practices, including how to implement backups, email retention and archiving strategies.
In addition to emails and IMs, there is a near-limitless universe of electronic data included in e-discovery. According to Bruce Wilson, a law and technology consultant, frequently requested data includes "databases, spreadsheets, word processing documents, emails, instant messages, voicemail and other recordings, web pages, images, metadata about documents, document backup tapes, erased but still recoverable documents, and everything else attorneys can think of that might help explain the circumstances on which the lawsuit is based." Other possibilities include website log files, cookies and cache files. ESI may be found on hard drives, floppy disks, CDs, DVDs, magnetic tapes, personal digital assistants, cell phones, logs, websites, memory sticks or other media.
Email archiving needs soar as e-discovery requests rise
Data storage professionals faced with exponential data growth and the increasing chance of e-discovery requests and litigation holds are driving a dynamic email archiving market.
What's more, metadata -- information such as a document's creation date, revision history and the author's notes -- typically is also part of an e-discovery request. Litigators may review data as native files, TIFF images or paper documents.
Easing e-discovery preparation by mapping enterprise data
With a well-planned data retention policy, an organization can often avoid tracking down old data when served with an e-discovery request.
It's likely that an IT department will be involved in the discovery process. Since this job requires knowing where, when, why and how the company stores and destroys data as well as how to retrieve it, the IT team's role has to begin with information management, well before there's any hint of litigation. Successful e-discovery that minimizes costs relies on an organization's information management strategy, namely its data retention/destruction policy and data management system.
Because of IT's large role in e-discovery, and because e-discovery has such broad implications for IT operations, experts advise that IT professionals familiarize themselves with the basics of e-discovery law and legal terms. Experts also advise that an organization's IT and legal departments collaborate on important policies and procedures for e-discovery, such as which formats data should be archived in or how long to store metadata. Courts often want to know about policies for data retention, litigation holds and information integrity, so it's vital that policies are documented and systems support them.
E-discovery best practices
To establish best practices for e-discovery and data retention, data storage professionals must collaborate with legal teams.
An often-referenced source for data retention principles for the purpose of e-discovery is a working group in The Sedona Conference. The group has published a series of best practices and commentaries covering the evolving nature of e-discovery requirements.
Once the e-discovery process is in motion, IT managers work with lawyers and other people in the company with knowledge of the subject of the litigation. They try to identify what requested documents exist, where they're located and who created or controls them. Then they issue the litigation hold. After that, the potentially relevant documents are copied, sorted and prioritized. Finally, the relevant documents are converted into image files and/or paper documents and given to the other party.
Selecting an e-discovery software tool
Learn the criteria storage managers use to choose an e-discovery software tool.
It's critical that someone in the organization knows how to collect, process and review ESI without accidentally altering it, because inadvertent alterations can result in "spoliation," which is the destruction or alteration of information that could be used as evidence. As the definition for spoliation on WhatIs.com points out, "Spoliation is illegal in many countries, including the United States, and is punishable by fine and/or incarceration.
"Furthermore, the legal system has established through case law that when spoliation has occurred it may be inferred that the evidence was unfavorable to the responsible party. As a result, that inference may be factored into the decision of the case." It's wise to review e-discovery practices to reduce the risk of spoliation. Chapter 4 of Ralph C. Losey's book e-Discovery: Current Trends and Cases covers spoliation and sanctions.
IT professionals may also work with an organization's outside counsel to help them understand the information architecture, systems and databases so they can make informed decisions about identifying, preserving and collecting requested data.
Discovery process puts onus on electronic records management tools
Electronic records are now considered equivalent to paper records in the discovery process for regulatory compliance or legal cases, but new search tools are available to help.
E-discovery product specifications
The product snapshots in this guide highlight key specifications for a cross section of e-discovery tools.
The UBS Warburg case set a precedent for identifying, preserving and producing emails and implementing litigation holds. Other high-profile cases have subsequently resulted in heavy sanctions for spoliation. PricewaterhouseCoopers was penalized with a $345 million judgment for not preserving materials under a litigation hold. Morgan Stanley was ordered to pay $1.45 billion following a ruling of e-discovery violations, although the ruling was later overturned.
Monetary damages aren't the only penalties for noncompliance. Failure to comply can also result in a company's own employees being barred from testifying or other evidence being excluded. Noncompliance can also lead to an "adverse influence" jury instruction that can cost a company the case.
Judges have held also companies in contempt for not fully complying with e-discovery rules. A judge in Louisiana recently called Dell Inc.'s e-discovery conduct "unconscionable" after learning that the company's search efforts in an ongoing case did not include words such as camera.
In one of the most extreme cases, Arthur Andersen was handed a criminal conviction for obstructing justice for shredding records just before being handed a subpoena from the U.S. Securities and Exchange Commission. Even though it was later reversed, the impact of this charge played a large part in forcing the company to shut down and ushered in the conditions for the Sarbanes-Oxley Act.
How e-discovery and email archiving tools address litigation in SMBs
Among litigation, compliance, audits and internal initiatives, small and medium-sized businesses can effectively leverage e-discovery tools. This article explores how e-discovery and email archiving fit in to storage for SMBs.
Let us know what you think about the FAQ; email firstname.lastname@example.org.
This was first published in July 2009