The Electronic Discovery Reference Model (EDRM) covers the whole spectrum, from identification of documents, preservation, collection, processing, review, analysis, production and presentation.
It is in the earlier parts of the model, that is the; Information Management, Identification, Preservation and Collection, that Legal Departments are increasingly playing an active role in managing or controlling the processes, instead of relying on their outside counsel and other providers to carry out all these activities. See below for more detail on these.
A critical aspect of litigation response is "Legal Project Management". Increasingly Legal Departments are viewing large litigation cases as "Legal projects" and have specialists team to handle these disputes: these project teams are typically led by a litigation lawyer who will drive the legal strategy and response, supported by a Project manager who will coordinate all non-legal aspects: internal/external communication, liaising with the Technology team for the eDisclosure process, liaising with Outside counsel and other providers.
This is all about getting your electronic house in order to mitigate risk & expenses should eDisclosure become an issue, from initial creation of electronically stored information through its final disposition.
The main challenge for Legal Departments is making sense out of a raft of conflicting requirements. Depending upon the industry, there are often regulatory obligations above and beyond the normal business practices controlling how long information is kept and in what state. In the main, the default position has been to keep everything, a policy that then causes significant cost issues when you have to process all that data for litigation. US figures suggest that it costs 5 cents per GB to store information, but if that data then ends up being used in court (i.e. goes all the way through an eDisclosure process) the cost per GB rises to a $1,000. The figures might not be precise, but it shows the staggering cost of not tackling the problem at the source.
This is where you might find yourself going to external counsel or a large consultancy for the "least worst" approach to data retention requirements for a specific industry.
Locating potential sources of ESI and determining its scope, breadth & depth.
Once you have an idea of the issue(s) you are facing then you need to track down the various locations within your organisation where information might be held. At this stage it is key that you involve the appropriate level of people from the IT function within the organisation. Do not assume that people have been following the laid down procedures that you spent so long deciding upon. Practical issues in day to day working life can cause even the most well intentioned of employees to circumnavigate your records information management (RIM) policies, even if you have them in the first place. This is the area were some organisations are deploying eDisclosure tools known as Early Case (or Data) Assessment (ECA) products, giving themselves the ability to trawl the information within the company to find answers to new issues. Legal Departments should be directing these tools, you don't need to drive them yourself. If your in-house technology people are not up to this, and that's common, you might consider having call off contracts in place with known vendors well before the litigation occurs.
Some consultancy/forensic organisations specialise in producing something called a "data map". This is NOT a technical document showing all the servers and other bits and pieces that makes up your IT infrastructure. Rather it is a written description (possibly with a diagram or two) taking up an A4 page or so, of where the various data sources are. For example; “Most of the information is stored on the email servers, but some is on the back-up tapes, and there is a company the main firm took over last year that has got its own IT infrastructure which will need to be examined.”
Ensuring that ESI is protected against inappropriate alteration or destruction.
Once you have determined the possible scope of the areas you might (or definitely will) be collecting data from, you need to ensure that you don't delete or damage the ESI in those locations. This is were talking to the IT department comes in, you might consider things like; stopping the re-use of back-up tapes (it can be cheaper to buy a whole new sets of tapes that over-write important evidence), or removing the limits on email in-boxes that cause emails over 60 days old to be deleted, or putting a hold on the re-use of the PC used by the employee that is suing your firm.
If you are in an industry that is in a permanent state of litigation you might well have invested in technology that allow you to suspend the deletion of documents, but this is usually overkill for the rest of us.
The key area that causes problems is when there is a “disconnect” between Legal Departments and their IT department. You might want to make sure that someone from your IT department is involved in the initial meetings/conversations so that they can understand what the external counsel are asking the organisation to do. If you are not comfortable with your level of technical knowledge you might want to take along support from a vendor so they can talk “Geek to Geek”.
Gathering ESI for further use in the e-discovery process (processing, review, etc.).
As a rough guide, there are two kinds of data collection, those that require a forensic process (complete with chain of evidence documentation) which is normally in cases of fraud, and the rest, where you just need to collect the data in a competent manner. The first group is a specialist area, and if you are involved in this kind of proceedings, your external law firm will probably have a "tame" forensic investigator that you can use, if not you, or they, need to find one. The forensic data capture might also involve things like retrieving data from mobile phones, making forensic copies of PC's or other computer equipment, and all other kinds of highly specific activities.
Turning to the more generic area of data collection, there are two schools of thought. One, is that you collect very broadly (so you only disturb the business once) and use the downstream processing to winnow out what you need. The other, is that you do a focused collection and run the risk of having to come back and widen the scope. Each is valid, and they are none-exclusive, in that you can start focused and (if the case progresses/warrants it) come back later and do a wider collection for downstream culling.
This is where an understanding of the case, and where the information is stored is invaluable, as you can then make informed decisions. With, of course the price of the different options and how it affects the downstream processing very much to the forefront of your mind.
Forensic data collection organisations are a specific grouping of service providers. Make sure that you get a forensics company and not just a litigation support service provider that has sent someone on a data collection course. They tend to use products such as Guidance EnCase or Access Data's FTK toolkit to carry out the collection process, indeed this product is often used by the other group as well, just without the formalised chain of evidence documentation. The key thing is that people in this first group are used to appearing in court as an expert witness to explain how they obtained the specific piece of information.
The second type of data collection can be handled by a number of vendors, though in practice, using the specialist organisations and dispensing with the formal side of things is a sound tactic.
Further reading & useful links:
The GCOC (Compliance, Governance and Oversight Council) website has great resources and information: https://www.cgoc.com/
The CGOC aims at providing a framework for all aspects described above, not just the eDisclosure portion.
The Electronic Discovery Reference Model (EDRM) website has a wealth of content for the eDisclosure specific aspects of Litigation management: http://www.edrm.net/