logo

Introduction to eDiscovery (Electronic Discovery): The Basics and Steps of the Process

Today, organizations often have terabytes of data, any of which could possibly be relevant to a legal case. Making this data discoverable is critical for legal professionals, but it’s an arduous task for the IT teams that support them.

This article explores what eDiscovery is and strategies for making the process fast, efficient and cost-effective.

What is eDiscovery?

eDiscovery (electronic discovery, e-discovery, ediscovery, e-Discovery) is a legal process that involves the identification, preservation, collection and delivery of electronically stored information (ESI) as evidence in lawsuits or investigations. Law firms and legal departments need eDiscovery because they are required to produce relevant ESI sources. The eDiscovery findings are exchanged between parties involved in a lawsuit.

Because eDiscovery is a critical legal and regulatory obligation, it is usually included in information governance programs. eDiscovery processes span various departments, involving legal, IT and business stakeholders.

What data can be considered ESI?

Electronically stored information (or ESI) can exist in a wide range of formats and types spread across an organization’s databases and other data stores. According to the Federal Rules of Civil Procedure (FRCP), ESI can include “writings, drawings, graphs, charts, photographs, sound recordings, images, and other data or data compilations.” Electronic information can also include  emails, documents, voicemail and audio/video files. It also includes any type of data from social media, instant messaging platforms or smartphone apps. That means that every tweet or Facebook post can be used as evidence in court.

Many types of ESI are challenging to deal with from a discovery perspective. Emails are a good example.  Legal requests often require relevant emails to be produced, but the high volume, lack of structure and distributed nature of this type of data makes enabling eDiscovery a real challenge for organizations.

Another important part of electronic data is the metadata embedded in electronic files. Metadata can specify the file’s creation date and time, author, location, and other properties. Metadata serves as an extremely important evidence and can be used to authenticate a piece of ESI, so it must be carefully preserved to prevent spoliation. Simply moving a file to another location can modify its metadata and raise questions about its authenticity as evidence.

What is the legal eDiscovery process?

The Electronic Discovery Reference Model (EDRM) divides the legal eDiscovery process into six stages: identification, preservation, collection, processing, review and production.

  • Identification, preservation and collection. Normally, the e-discovery process starts with the legal duty to preserve potentially relevant documents. In case of a foreseeable litigation action, attorneys define the scope of e-discovery and identify and preserve the relevant ESI to ensure it can’t be modified or deleted.
  • Processing, review and production. The ESI is collected, analyzed and formatted for use in court. Analysis is critical for cost saving because it helps to weed out irrelevant data before processing takes place.

Through all the stages, it’s also critical to keep eDiscovery activities trackable and documented.

The key to success with eDiscovery is to prepare before you have to act. But being ready for e-discovery processes is hard without a deep understanding of what data you have and where it is stored. As data volumes grow, organizations struggle with eDiscovery if they rely on manual process for categorizing data. Poor information management practices will drive up the cost of data collection in response to eDiscovery requests.

­­­­­­What are the guidelines for an eDiscovery process?

The Federal Rules of Civil Procedure (FRCP), which governs electronic discovery as an aspect of the civil legal procedure, specifies strict guidelines for the treatment of ESI. The law requires organizations to be ready for litigation by having discoverable ESI. Organizations have to respond to eDiscovery requests within 99 days of a lawsuit’s filing date, and within the 21-day period before a “meet and confer” session. Failure to meet these eDiscovery timeframes or forgoing eDiscovery entirely greatly diminishes a party’s chances of legal success. Failing to preserve or produce documents can be deemed spoliation, leading to fines and other sanctions.

What eDiscovery services exist on the market?

eDiscovery processes are complex due to large volumes of electronic data stored by companies. Fortunately, a variety of eDiscovery services are available to assist in making the workflow less time-consuming and expensive, and to provide litigation support by enabling faster and more defensible results.

For more complex tasks, organizations often outsource the eDiscovery process. But for typical corporate litigations and legal issues like employment disputes, eDiscovery can often be performed internally. Here are some of the key processes and services to know about.

  • Data collection services and computer forensics are used for identifying and collecting potentially relevant data from various data sources, including cloud, mobile or recovery systems. Collection methodologies can differ for civil and criminal cases, and depend on the amount of data, availability and skill of internal IT resources, and accessibility of data sources. One solid option is data discovery and classification software. These solutions classify data by type, and can identify potential evidence and move it to a safe location to protect against inappropriate alteration or destruction.
  • Data preservation involves protecting ESI against modification or deletion. Common data preservation techniques include the legal hold process, the collect-to-preserve approach, and automatic in-place preservation (such as freezing the delete function).
  • eDiscovery processing prepares documents for review and production by extracting the relevant data and otherwise cleaning up the eDiscovery findings. It involves includes metadata extraction, cataloging and deduplication (ensuring that only one copy of each relevant document is presented).
  • Early case assessment (ECA) is used when it’s necessary to identify and gather potential evidence early in a legal matter. To shorten the project timeline and minimize costs, it’s essential to limit the amount of data collected by working with custodians (users who possess potentially relevant ESI) to understand which data might be relevant to the litigation. ECA can also involve data analytics to support legal counsel with objective assessments of available information.

Conclusion

By implementing sound eDiscovery processes, you can reduce the costs of complying with eDiscovery requests; improve your litigation readiness and compliance; increase the accuracy of data retention and retrieval; and ensure the security and privacy of ESI required for litigation.

Product Evangelist at Netwrix Corporation, writer, and presenter. Ryan specializes in evangelizing cybersecurity and promoting the importance of visibility into IT changes and data access. As an author, Ryan focuses on IT security trends, surveys, and industry insights.