The Evolution of Data Preservation in eDiscovery

The Evolution of Data Preservation in eDiscovery

From Discovery to eDiscovery: The Path of Data Preservation

Once upon a time in litigation, document and information exchange was called “discovery.” Then one day, computers, email, cloud systems, paperless offices, mobile devices, never-ending new “Apps” and other computerized systems introduced a whole new frontier. Paper documents, while once the focus of most discovery efforts, quickly went from the forefront to almost an afterthought, as lawyers began to pursue this new category of evidence known as electronically stored information or ESI. The complex and challenging “eDiscovery” world emerged quickly and took over the bulk of discovery efforts and focus.

Before long, IT and law entwined. Law firms, in-house legal departments, and companies quickly found themselves overwhelmed. This new world of eDiscovery was not just about finding, reviewing and producing an amazingly complex and ever-expanding universe of electronic data. It also placed new rules on how and when to preserve, collect, and produce that data. The situation demanded a new focus on data preservation, an expansion of IT responsibilities, and a new world of consultants, solutions and options to help ensure compliance with those obligations.

What is Data Preservation?

In its simplest definition, data preservation involves identifying, securing, and maintaining data in anticipation of litigation or other legal or regulatory requirements. In our context here, we’ll focus mostly on preservation related to litigation or other legal proceedings, but similar obligations arise with respect to a vast array of regulatory requirements as well. 

In eDiscovery, there’s a heightened focus on maintaining ESI in an original and unaltered condition. Unlike paper documents, electronic documents contain metadata. Metadata is data (both internal and external to the actual data) that contains information about that data. It includes important information like creation dates, authors, external references, and changes to that data over time (e.g., track changes). Since that metadata can be instrumental in litigation, courts demand that organizations preserve it just as they do the data and documents themselves.

If you do not preserve (and produce) the data with intact metadata, your opposing party and/or the court may hold that against you. Just as in traditional discovery, missing information, or information you fail to provide, can be used to suggest that you or your organization are hiding something. Compromised ESI or metadata is considered “spoiled,” so courts refer to that as “data spoliation.”

If a court determines that you did not properly preserve your ESI with metadata intact, you can face discovery sanctions. When a court assesses this situation, in primary it considers:

  • Your culpability: Was the data spoliation intentional or negligent?
  • Effect on the other party: Was the spoliation prejudicial to their case, e.g., could it change the results?
  • Remediation: Can the data spoliation be remediated in a way that repairs the issue?

Minor violations can result in fines and fee awards against the offending party. In more severe spoliation cases, you may face default judgments or instructions to the jury to consider any missing information as adverse to your claims or defenses. Some rare cases have resulted in criminal proceedings.

The best way to avoid this scenario is with a data preservation policy. Keep emails, electronic contracts, chat conversations in work apps, and other electronic documents and data safe and secure when required. When your company moves or archives data, make sure that you fully track that process. Of course, when issuing legal hold notices, instruct employees not to move or otherwise manipulate any data subject to retention, as that could alter critical metadata.

The Early Days of eDiscovery & Data Preservation

The evolution of data preservation started in the days of paper discovery and the often fire-alarm nature of discovery requests. Now, the integration of ESI requires a less reactive strategy and a more proactive approach.

Putting the “e” in eDiscovery

Lawyers who have practiced more than twenty years remember the days of discovery involving paper document review and the constant whir of a copy machine. The process was slow and labor-intensive, but it was a straightforward one, and volume was usually miniscule compared to the modern world of eDiscovery.

This all changed when email became a primary source of communication. Paper letter exchanges decreased drastically, replaced with a continually growing volume of emails and other electronic communications.

Very early on, in a flawed effort to reduce burden and costs, lawyers often made unspoken agreements that discovery responses need not include email or electronic data. In those early days of eDiscovery, when persistent attorneys insisted on seeing emails and electronic documents, this data was often treated as paper; it was merely printed out, reviewed, and produced in paper form, without text or metadata.

But younger generations of lawyers and consultants with technical experience, knowledge, and a better understanding of electronic documents continued to force evolution. As the legal industry came to understand that metadata can reveal so much more about electronic documents, many litigators started to insist on its inclusion.

The requests for these electronic documents became known as eDiscovery. This development sent organizations scrambling; not only did they need to preserve data in its complete form, but they needed policies and procedures to ensure and enforce that preservation.

Data Preservation Triggers

The most challenging aspect of data preservation that endures today is knowing when data preservation obligations are triggered, what and how much data needs to be preserved, and for how long. Saving too much data can be as problematic as failing to keep it. To complicate matters, the law regarding data preservation triggers has developed mostly in case law, as the Federal Rules of Civil Procedure (FRCP) and the state equivalents usually offer little in the way of direct, clear guidance.

At first, most data preservation triggers and subsequent data preservation efforts were reactive. Parties suddenly worked on preserving data once they received a complaint or a data preservation demand from opposing counsel. However, that approach changed when case law established that organizations and individuals are expected to take data preservation steps as soon as there is a reasonable expectation of litigation (or other legal proceeding). That guideline is helpful but still subjective and far from a bright line. While other standards have been suggested, that standard remains the law of the land.

The EDRM Model Emerges

As electronic data and eDiscovery took over, significant efforts were directed at creating model workflows and establishing best practice recommendations to help organizations meet those requirements. In 2005, a new model started to take hold: the Electronic Discovery Reference Model, or EDRM.

At the outset, the EDRM process started with the identification, preservation and collection of potentially relevant or responsive data. In more recent years, the EDRM has grown to embrace the full information governance lifecycle, of which eDiscovery is now recognized as a part. Also referred to as IG, information governance is the overall policy controlling information lifecycles within an organization. It balances the risk and responsibilities of retaining and securing data against the value of doing so, as well as the legal and regulatory retention requirements therein.

A company’s IG policy will depend on the industry and its regulatory requirements. The key question when creating a retention policy is this: Is the value of data not subject to legal or regulation retention requirements outweighed by the risks of that data being improperly disclosed (through, for example, an accidental disclosure or malicious hack)? If data has little or no intrinsic value to an organization, and there is no legal or regulatory reason to retain that data, then the scales today tilt toward defensible data (and thereby risk) reduction.

Once you have an information policy, the EDRM helps you determine what data you retain and how you manage that retained data. It includes the following:

  • Information management: Implementing information governance policies and practices that reduce risk and expense, while ensuring legal and regulatory retention
  • Identification: Locating and identifying ESI for management
  • Preservation: Determine potential ESI for current or potential future eDiscovery (and regulatory) needs, and create an appropriate retention process.
  • Collection: The defensibly sound process for collecting data identified for preservation when that data is needed for legal or regulatory reviews
  • Processing: The workflow for normalizing collected data, culling out clearly irrelevant data (like known and system files), de-duplicating that data, searching and filtering that data where appropriate, and preparing it for review
  • Review: Determine on a file-by-file basis whether that ESI is relevant or responsive to eDiscovery or regulatory demands.
  • Analysis: Detailed and often machine-learning-assisted review of ESI for relevant or responsive content, context, topics, and patterns
  • Production: Provide ESI to other parties, usually following an agreed-upon production protocol.
  • Presentation: Use ESI for depositions, hearings, trial exhibits, and other legal or regulatory needs.

The EDRM helped usher in a new world of proactive policymaking, and it provided a road map for active eDiscovery. It helped transform eDiscovery – the preparation for and performance of – from an overwhelming, chaotic and often rushed job to a planned, defined and standard practice. Today, most organizations use the Electronic Discovery Reference Model, or a derivative thereof, when designing data preservation policies.

Modern Data Preservation

Fresh approaches to eDiscovery and data preservation include:

  • More technologically advanced and effective options for ESI identification, preservation, collection and management
  • Less reactive and more proactive processes: Rather than treating discovery like a fire drill where all hands panic on deck, it’s often considered a standard business process.
  • Better and more consistent legal guidelines and standardized expectations
  • More involvement from and driven by in-house legal and IT departments

New challenges constantly appear on the horizon as well. The rise of remote work accelerated the use of collaborative platforms and the associated data that users create in Teams, Slack, and many others. Consider too the ever-growing importance and relevancy of instant messaging, chats, social media, IoT devices and the like. The list of potential sources grows with each new day.

The challenge with collaborative data lies in its complexity, its location in cloud environment outside an organization’s four walls, and the fact that many simply were not designed with data preservation and collection (legal or regulatory) in mind. And with some of those solutions, important data and conversations often reside not on a centralized store, but on the mobile devices and computers of individual employees.

Such collaborative data is relevant to many types of claims. Those discussions may reveal workplace discrimination, knowledge of and details about actual or potential product defects, IT security efforts, practices and flaws, and can even reveal malicious intentions to hide or erase ESI. Data preservation is challenging in this area but not impossible. If your organization uses these collaboration apps, you must find a way to include that data in your information governance policy and eDiscovery processes and workflows.

Need Help?

BIA offers skilled experts and an unrivaled experience to help with any data identification and preservation needs. We offer services across the entire EDRM process, for law firms, companies, in-house legal departments and governmental agencies. What may be surprising is that such assistance is often the most cost-effective approach, especially if you’re embroiled in a complex lawsuit.

We offer:

  • Comprehensive identification, location and preservation of ESI, including both remote data collections and full forensic solutions
  • Advanced and fast data processing
  • Multiple document review hosting platforms to support anything from small internal investigations to large, complex, TAR/CMML machine learning-driven document review processes and privilege reviews
  • Complex searching and analytics assistance to help identify relevant and responsive ESI
  • Document production processes and workflows designed to avoid production issues like inadvertent privilege productions, spoliation claims and other issues that could lead to adverse consequences (or worse, sanctions)
  • A deep bench of certified legal, technical, and forensic experts, so you do not have to go it alone

eDiscovery and data preservation continues to evolve, making the entire process more complex and fraught with potential landmines. Rather than worry about providing complete data or developing whole new eDiscovery approaches on your own, we invite you to contact BIA today for help developing a process with less stress and more results in your favor.