Lighthouse has received a number of requests for an ediscovery 101 primer. In this blog, I will cover some of the fundamental aspects of ediscovery for those of you who are new to the industry or in need of a refresher of the basics.
eDiscovery refers to the discovery of electronically stored information (“ESI”), and, in a lot of respects, it is no different than ‘traditional’ discovery. Where it differs is in the sheer volume of data – one gigabyte of ESI is the approximate equivalent of 75,000 pages of printed information. It is not uncommon for a single custodian to have several gigabytes of data, and servers can hold data corresponding to 25,000 boxes of paper!
Further, ESI is everywhere. It is in email, Word files, Excel spreadsheets, PDFs, databases, IMs or other ‘chats,’ photos, voicemail, smartphone applications, and more. Data may be stored on company-owned laptops, desktops, smartphones, and servers, as well as non-company owned server farms, employee-owned computers or smartphones, CDs, DVDs, thumb drives, or “in the cloud.” Each system may have separate methods to ensure data is retained, as well as different constraints for collecting and downstream processing to ensure data is not altered and reviewable for production.
Click here to view image.
Processing the collected data is typically several steps designed to extract metadata, ensure data is indexed and searchable, remove program files and other non-user-created data, as well as duplicate files, and more. Search terms may be used to hone in on pertinent data or computer learning techniques, such as Technology Assisted Review (TAR), can be employed to further reduce the data needing to be reviewed.
Document review can take many forms, from the old-school document-by-document (linear) review to the more modern technology assisted methods including TAR, email thread analysis, and automated redaction. Document review may also involve multiple review passes, as documents are assessed for responsiveness and privilege information, and perhaps even tagged based on topic.
Once review is complete, production may occur, which usually comes with its own set of procedures and complications. Documents may be converted to static images, such as a PDF or TIFF. Any redactions need to be added to the production TIFF images as they are created and care must be taken to ensure extracted metadata does not contain remnants of that which was redacted. Confidentiality and serial number stamps may be applied and the document set prepared, perhaps even including a load file containing a subset of the metadata.
Of course, the entire process (and then some) is wrapped into information governance (IG). Enacting a robust IG policy, including data retention schedules, can reduce risk and the overall cost of ediscovery.