This is Part One of a continuing series on ESI basics. In this series, we will cover some of the terms used most often on the tech-side of e-discovery. Whether this is an introduction to you or a refresher, and whether you are an attorney, member of an in-house team or data analyst, this information may come in handy in your practice.
We work with PST files and e-mail messages almost every day. But what are PST files? Why are they important? And how should we handle them?
When we collect email messages for the purposes of e-discovery, they most often come in the form of PST files. PST files are container files that hold e-mail messages, attachments, calendar items and other Outlook items, all compressed and organized in a mini database. These PST files even have encryption options! Over the years, PST files have become a very convenient method for transporting e-mail messages in bulk to law firms and attorneys so they can be processed and reviewed by case teams.
The Genesis of PSTs
The PST, or Personal Storage Table, was designed by Microsoft in the mid-1990s to hold e-mail messages and other items for its Outlook application. PSTs were considered a brilliant innovation at a time when server storage space was really expensive as they allowed users to take e-mail items off the server and store them locally on personal computer hard drives. This innovation not only solved the space problem; it also allowed users - at a time of unreliable dial-up Internet connections - to connect to the e-mail server, download e-mail and review offline at their own pace. How cool was that? In the ‘90s that was super cool!
Are PST Files Perfect?
Unfortunately, nothing is perfect. While PSTs were a brilliant innovation in the ‘90s, technology and the Internet, along with business, evolved. When handled improperly, PSTs can be a liability because they are easily corrupted.
PSTs: Handle With Care Lest You Corrupt!
PSTs were not designed to be accessed on a shared network and attempting to review email messages stored this way may cause corruption. Further, PSTs were designed to be accessed by a single user and attempted access by multiple users may also cause corruption.
While corrupted PSTs can often be repaired, repair attempts may alter e-mail messages. Further, processing options like deduplication may not properly function with repaired PSTs. Even worse, repairing PSTs may inadvertently result in spoliation.
How to Properly Handle PST Files?
Don’t run the risk of corrupting PSTs and spoliating evidence by trying to view the e-mail messages through your own Outlook. The ramifications of altering content and metadata are far-reaching and the risks are too great. Have the PSTs properly processed first, and then review the e-mail messages in Relativity or another review tool with robust search, redaction and production options.