eDiscovery Compliance for Existing and Planned Information Systems

According to National Law Journal (2006), about 90% of business documents are stored in electronic form, while between 60% and 70% of corporate data reside in e-mails or in attachments.

Recent government regulations, the amendments to Federal Rules of Civil Procedure (FRCP), effective on December 1, 2006, mandate a completely new level of corporate electronically stored information (ESI) treatment and litigation readiness. An amended Rule 33(d) states that "the business should be able to give to the interrogatory party the reasonable opportunity to examine, audit or inspect such records and to make copies, compilations, abstracts, or summaries."
Rule 34(b)(i) stipulates that "a party who produces documents for inspection, shall produce them as they are kept in the usual course of business or shall organize and label them to correspond with the categories in the request".

The new regulation, effectively forces businesses to develop an eDiscovery response strategy on the very early stage, making early acceptance of new record management technologies and tools a must. At the same time, according to a survey by Océ Business Services (2007), only 10% of enterprises are well prepared to face an eDiscovery request. 55% of companies consider themselves not to be prepared enough. And finally, 35% of respondents did not even understand the changes brought by FRCP amendments very well.

This paper discusses the ways to make your enterprise information system eDiscovery compliant in the most effective way.

Why eDiscovery compliance is important? The main threats to a non compliant enterprise come from litigation costs, company downtime, and brand damage.

Litigation costs and legal fees, associated with improper ESI management result from spoliation of evidence, adverse inference, summary judgment, and sanctions (see Qualcomm v. Broadcom). In gender discrimination lawsuit, (Zubulake v. UBS Warburg), the court ordered defendant to produce all electronic evidence at its own expense - a huge amount of data stored on optical disks, active servers, and backup tapes. Some tapes appeared to be non-functional or tampered with - the defendant was facing monetary charges for its failure to preserve the missing tapes and e-mails. It is important to point out that while judicial procedures did not reveal any documents supporting the plaintiff, the defendant lost the case because of the improper storage and management of company documents.

The cost of company downtime due to on-site or off-site discovery process, are best illustrated with the following real-life example. The United States Secret Service executed a search warrant at SJ Games Inc. office computers looking for evidence of data piracy (SJ Games, Inc. v. United States Secret Service). Due to huge amount of data, officers decided to remove the companies hardware to a dedicated site for an off-site search. The hardware was not recovered until four months later. The company had to lay-off half of its employees and was ready to close its doors. Some of the SJ Games expenses were recovered in court only three years later.

Brand damage and losses associated with bad PR, loss of trust leading to loss of clients, stocks plunges, etc. can mount up after the general public finds out that the search warrant was issued against an enterprise. It is in the company's interest to complete the unpleasant procedures and clean its name as soon as possible.

Good data organization, ease of retrieval, protection from spoliation and tempering are the key elements of eDiscovery preparedness. I will consider two potential situations: when the data storage infrastructure is already in place and when the system is at the planning stage.


Existing system

If your data storage infrastructure is working, you should take great care in making it eDiscovery compliant without disruptions to its operations. A compliance-oriented system should not interfere with normal everyday functions of the existing software and hardware infrastructure.

It would be nice to find means to avoid the introduction of changes into a stable and functioning logic of your system. Such changes generally lead to the introduction of potential instabilities in its work and may lead to huge expenses for testing and bug-fixing. There is a way to avoid these inconveniences - give access to your documents stored inside your system as if they were files and folders on a virtual disks. You may object that in-house development of such virtual disk capabilities require serious investments (thousand of man hours of a highly skilled labor). The CBFS Connect will solve this problem for you.

CBFS Connect is a software component for developers, allowing virtual real-time representation of any data as files and folders of an ordinary file system. The files may be accessed through a currently used software, without the necessity to write adapters, parsers, or converters. CBFS Connect is based on a kernel-mode driver and, therefore, necessitates the implementation of only a limited number of callback functions, without needing a low level file system programming. The use of CBFS Connect allows your developer to implement all new FRCP provisions in the shortest amount of time. The main arguments for the use of CBFS Connect to increase eDiscovery compliance of a computer infrastructure are as following:

  1. The presentation of any data as files and folders improves preparedness for an eDiscovery event. Good document organization and their availability makes an investigation possible, and reduces the time law-enforcement officers need to find necessary documents, regardless of their format or location. You can arrange your documents by simulating virtual folders within month-day-year, thematic, or any other hierarchy.
  2. To facilitate eDiscovery procedure, the data comprising e-mails and instant messages must be made easily accessible to investigators. The functionality of CBFS Connect permits the presentation of this unstructured content as regular files, thus, making search through them is as easy as an ordinary Windows search. The distributed nature of CBFS Connect makes possible the single-run searches of data spread across several platforms and storages.
  3. CBFS Connect allows the presentation of data in any format stored, either locally or remotely: in database records, on mobile devices, in Internet storage, spread over several data storages, or elsewhere.
  4. The use of CBFS Connect, allows the assignment of data access privileges scheme, which makes possible setting restriction on read and write operations, or protecting the data from tampering, by giving it read-only access.

To summarize: with the help of CBFS Connect, your developers will be able to adapt an existing information system to recent FRCP requirements quickly and without significant system downtime.


System in planing

Needless to say, all newly developed enterprise infrastructures dealing with electronically stored information, must be designed eDiscovery compliant from the beginning. One of the good ways to deeply integrate FRCP requirements into a system being planned, is the use of CBFS Storage. This software component makes possible the creation of huge encrypted distributed data storages with the support of metadata, tags, timestamping, access rules, strong encryption, etc. The benefit of CBFS Storage can be briefly outlined as following:

  1. The excellent document organization, is certainly a benefit of CBFS Storage. Regardless of the place where these documents are stored, the enterprise can be sure that they are not prone to loss, tempering / spoliation, inadvertent or intentional destruction.
  2. Built-in cryptographic protection of CBFS Storage, excludes unauthorized data access. The most efficient moder cryptographic algorithms may be used to not only encrypt / decrypt data, but also to timestamp them and allow integrity checks.
  3. Self-integrity check is another extremely useful functionality of CBFS Storage. Even if a media where the storage is located becomes physically damaged and unreadable through negligence or evidence spoilage effort, it will not result in loss of the whole storage. The damaged part can be reconstructed from the previous version of the storage. This effectively excludes situations similar to the one that resulted in defendant's loss in Zabulake v. UBS Warburg case.
  4. To make access to your storage as regular files and folders from any application, you may utilize CBFS Storage Driver Edition. It makes possible the development of monitoring tools, watching the changes made to files inside the CBFS Storage and exporting them in any convenient format for eDiscovery investigation.
  5. Providing a whole integral storage to the investigators for on-site or off-site search, is faster and cheaper than dealing with myriads of separate files, folders, database records, e-mails, instant messages and scattered other the whole system.
    eDiscovery compliance of an enterprise can be significantly improved through the implementation of efficient document storage, retrieval, indexing, and content search strategies. The efficient way to adopt an existing system is the use of CBFS Connect. On the stage of the system design planning, it is natural to consider the use of CBFS Storage Driver Edition as a native data storage platform.

Ready to get started?

Learn more about Callback Technologies or download a free trial.

Download Now