Email is certainly not “out” as an information source when it comes to doing eDiscovery but structured and unstructured content are definitely “in” as the new primary information sources that global companies access when responding to an eDiscovery request. That is just one of the conclusions reached in Symantec’s 2011 Information Retention and eDiscovery Survey announced today that was based on feedback from 2,000 global enterprises and released today. But even as companies change what internal information sources they access during eDiscovery requests, many remain ill-equipped to deal with it.
In May and June of this year Symantec engaged Applied Research to poll a list of advisory group members known to Symantec who consisted of equal parts technology and legal professionals. All of these individuals work for companies that employ at least one thousand people and are themselves involved in some way with responding to eDiscovery requests on behalf of their company.
Based on the survey results it is clear that global companies are responding to a growing number of eDiscovery requests. In answering the question as to how many times in the past year that their company had to respond to a legal, compliance or regulatory request for electronically stored information (ESI), companies on average had to deal with about 64 requests for ESI annually.
However the source of where they internally had to go to access this information was no longer primarily in the email archives. While email was still requested 58% of the time in conjunction with a legal, compliance or regulatory request for electronically stored information, 67% of the requests were now for information residing in business applications and files and documents as opposed to email.
This swing toward alternative sources for information internally within these global organizations reflects the broader changes that are occurring in society as a whole. Email is still clearly a leading way that people use to communicate and share information but texting, instant messaging and social media are supplanting email in many of these organizations. Further, as organizations continue to store more information in structured forms such as data warehouses as well as in shared network repositories or even the cloud, limiting eDiscovery to just email is just, well, too limiting.
It is for these reasons that when in speaking Dean Gonsowski, Symantec’s Associate General Counsel and Vice President (eDiscovery Services), he commented, “Companies can’t afford to ignore any one specific sector of ESI anymore. This survey shows that every company has to deal with a heterogeneous ESI mix.”
eDiscovery identification, collection and preservation are typically the first few avenues that a company executes on when handling a legal, compliance or regulatory issue. The Electronic Discovery Reference Model defines them as:
- Identification: “…identify and validate potentially relevant ESI sources including people and systems.”
- Collection: “…methodology for acquiring ESI in litigation matters, governmental inquiries, and internal investigations in a legally defensible manner.”
- Preserve: “…promptly isolate and protect potentially relevant data in ways that are: legally defensible; reasonable; proportionate; efficient; auditable; broad but tailored; mitigate risks.”
Yet before a company may enter any of these eDiscovery phases they should already practice some form of information management that enables them to effectively and actionably manage data from creation to cremation. It is in this area that the survey reveals a gap between top and lower tier companies.
Companies that employ best practices handle eDiscovery requests 64% faster than those that do not have an information management practice in place. In addition, they realize other practical and financial benefits from having such practices in place. For instance, this survey also found that these companies:
- Were 78% less likely to be sanctioned by the judicial system. If companies are sanctioned, this can lead to financial losses as is mentioned in an ABA Journal article from January 2011.
- Reduced labor costs by 65%. Companies with no information management plan spent approximately 66 hours doing eDiscovery collection from backups per request. Considering that the average annual salary of a system administrator is $60,000, companies without an information management plan can incur $165,000 annually in labor costs.
These results should not lead companies that do not have formal information management plans in place to despair but neither should they bury their heads in the sand. There are four actions they can take now to minimize labor costs, improve how they respond to requests for information residing in business and social networks and decrease their losses due to sanctions and IT work. These are
- Use backup for recovery and not as an archive.
- Create a separate archive that is accessed during an eDiscovery request.
- Archive business process management applications and social network activity along with emails
- Introduce an information management and electronic discovery plan
This survey reveals that more has changed than just where organizations are accessing information during eDiscovery requests. At a deeper level, it reveals that organizations have fundamentally changed how they are communicating and sharing information and while this change does not obviate the need to access and search emails as part of the eDiscovery process, it certainly creates a new need for these organizations to put in place solutions that reach further into their enterprise than ever before.