Take Away: With all the buzz surrounding Web 2.0 technology and web-based collaboration, do you know where your business data is and do you have a plan for identifying and preserving relevant data to litigation?
Just when organizations are finally starting to get used to the idea that they need to manage their data and have a plan in place to identify, preserve, and collect data relevant to litigation before they are faced with said litigation, new technology advances throw yet another wrench into the machine. The term Web 2.0 has been around for awhile now, but organizations are just now starting to realize the E-discovery implications of all of these great collaboration tools.
When we talk about Web 2.0, of course, we are talking about the move away from using the Internet just to find data and towards empowering individuals to create data. Blogs, Wikis, Social Networking tools, document repositories, photo sharing, etc. have given individuals far more ability to create, store, and collaborate with outside entities without needing to go to their IT Department. In fact, many of the IT staff may have no idea, for example, that someone in the Sales Department is using Google Docs, or Salesforce to have access to important sales information from any location with an internet connection.
Some organizations have simply created a ban, either through policy or blocking technology, and may therefore feel that the problem is taken care of. In an ideal world, all of the employees of the organization go along with the official policy, do not find ways around the ban, and there is no business data out “in the cloud” that you need to worry about. And then, there is the world we actually live in. Eventually some client or business partner is going to demand that this business use Web 2.0, or “cloud computing” to more effectively communicate and collaborate on an ongoing project. They are going to want to take advantage of the ease of use, ubiquitous availability, and possibly the lower costs provided by the technology, and they will demand that these bans be lifted. If your organization refuses to use the technology, there’s a competitor who will be more than happy to take your place.
While there are still some questions about the security and real costs associated with hosting data using various online services, it is growing in popularity. More and more small companies and individuals are seeing the benefits of using Google Docs, or Zoho as opposed to paying for Microsoft Office, storing large amounts of data online as opposed to keeping track of backup tapes. They are using TripIt to organize their travel plans, LinkedIn to organize their business contacts, and countless other services to store and share their data. After all, why email a Word document back and forth 10-20 times with various changes going back and forth between 4-5 people when you can simply create one document online, and grant access to the original to everyone who needs to have input? You could even then revoke access once you have your final version, as opposed to worrying about how many copies of draft versions exist.
The benefits and associated new risks are real and like rock ‘n roll, appear to be here to stay. As the years go on, more and more graduates are coming into the workforce having always worked this way. The generation that has grown up using Facebook, Instant Messenging and Blogs is going to be very comfortable with the idea of collaborating online. They’ve been “living” online for years, why wouldn’t they work online as well?
The question isn’t how do you keep all of your data from ever getting outside of your company firewall, it’s how are you going to identify where it is, and how you’ll acquire it when you need it in response to a discovery request. If your current litigation readiness plans don’t include all potential locations, including those well outside the corporate firewall, it might be time to consider what kind of storm might be lurking in the clouds.