Large data volumes, distributed data sources and multiple stakeholders characterise typical business in today’s digital world. Mobile and wireless technologies have further increased data volumes and data sources, while permitting access to data anywhere. Coupled with the ever increasing data volumes is the inability to keep up with effectively managing the storage, security and transfer of this Electronically Stored Information (ESI).
ESI has become invaluable in litigation today and in many countries its disclosure is a requirement. The costs associated with it are significant, posing a major challenge for companies faced with litigation and regulatory investigations requiring extensive data collection and review. The need for businesses being prepared to adequately respond to requests is a priority.
Unlike collecting boxes filled with lever arch files from an office, ESI requires a different approach due to the sheer volume of information (e-mails, documents and databases) that are potentially relevant. ESI can be easily altered (intentionally or not) and data thought to be deleted can often be recovered. Therefore, specialised tools are required to collect, preserve and process this information. This process can be time consuming and costly if not planned and managed correctly. Protection of privacy and privileged information is more difficult in the electronic realm and with the pending Privacy and Data Protection Bill in South Africa this also requires consideration.
Being prepared for electronic disclosure starts with an executive e-disclosure policy, governed by internal procedures and government regulations concerning storage of data and should not be developed in isolation of a company’s technical infrastructure. Challenges such as complex system architectures, remotely archived data and system availability need to be considered as policies are meaningless if they cannot be practically implemented. These should differ in language (technical as opposed to legal) but need to be aimed at aligning the Information Technology (IT) and Legal functions.
Once these policies and procedures are in place and all sources of available data have been documented, a ‘dry run’ based on a ‘mock’ regulatory matter is recommended.
To save time and costs, ideally in-house lawyers should be educated up-front regarding the internal IT infrastructure and in the use of various e-discovery tools and processes.
By combining sound e-disclosure policies and procedures with effective data management as well as collaboration between IT and Legal departments, companies can respond timeously to requests and reduce the amount of data collected, processed and reviewed in a cost-effective manner.