IT professionals can save themselves a great deal of hassle by working with counsel to standardize on a communication methodology that addresses potential discovery-related activity. A useful strategy would define a communication channel with counsel whereby IT personnel can be brought in to the discovery process as early as possible.
Increase Customer Sales with VerticalResponse Email Marketing! Quickly and easily send email newsletters, coupons & sales announcements to your customers – no technical expertise needed. Sign up for your Free Trial today and send 100 emails on us!
If you're like most of us in IT, you probably have a relatively small number of individuals in your firm that you're used to working with fairly closely.
For example, if you're a development manager, you probably work closely on a daily basis with the business folks to understand their requirements for the systems you develop. If you're a network architect, you might work closely with software architects in order to optimize the network to support the applications that people use daily.
However, no matter where you are in IT and no matter what firm you work for, chances are that one area of the firm you don't work closely with is inside counsel -- in other words, legal.
Now, that's not to say that there's never any interaction between these two areas. For example, in the case of human resource investigations or employee terminations, both areas might be brought in to perform a certain role.
However, if you're an IT person and you have a speed dial, chances are that nobody from the legal team is on it. Get ready, though, because new rules for data discovery could be about to change all that.
, instant messages and others -- make up the vast majority of correspondence and record-keeping in most firms, it would make sense that they would be relevant to many legal proceedings.
These artifacts are transitory -- that is, they can be deleted, archived or moved without manual intervention as part of the everyday process of doing business -- and it makes sense that specific attention be paid to making sure that evidence is available should the need arise.
Given these factors, the Federal Rules of Civil Procedure (FRCP), or the corpus of court procedures governing how civil trials are conducted in the United States, have been amended to specifically address digital evidence.
There had been practical examples of discovery in a digital context prior to this (e.g., Zubulake vs. UBS Warburg), but the changes to the federal rules formalize the approach.
These amendments went into effect Dec. 1, 2006, and spell out what is required in case digital evidence is required during a legal proceeding.
The changes to the federal rules that specifically relate to discovery are rules 26 and 34. Without going into the specifics, they basically spell out that all nonprivileged electronic documents be searched, that all electronic documents be disclosed (without the requirement to await a specific request) and that all relevant documents be identified for use during the pretrial phase of the court proceeding.
From an IT perspective, this is a tall order. These requirements imply that we know where all of the digital archives, records and e-mails in the firm are located, how we can go about getting access to them, and the timetable associated with which e-mail, instant messages and documents might be routinely deleted in the course of doing business.
In most firms, the support of multiple e-mail servers, the use of off-site backups, and lack of a standardized policy for e-mail deletion and retention complicates satisfying these requirements.
Furthermore, different technologies might have different administrators that oversee their operation; for example, e-mail might have a different administrative team than messaging or mobile devices.
In sizable organizations, finding the right person to talk to about retention of these artifacts can be a lengthy exercise. Couple this with the fact that there's a fairly tight timetable spelled out in the FRCP, and you have a recipe for trouble.
Of course, the rules are intentionally burdensome but they specifically indicate that requests for discovery should be balanced with an organization's need to continue to do business; in other words, the goal is not to make it impossible for a company to survive while records are being produced.
However, it is important to recognize that some level of burden is inherent in doing anything outside the norm, and strategic, advance planning can reduce that level of burden quite significantly.
I'm not a lawyer, and this is not legal advice. However, from a planning perspective, there are a few steps that IT can take that can spell difference between efficiently responding to requests from the legal team and being bogged down by "whose job is it to find this stuff anyway" concerns.
One of the main issues from an IT perspective is the tight time frame associated with discovery requirements.
If IT is not brought into the process early, individuals responsible for tracking down records, requesting backup tapes, ferreting out historical data and searching the archives can find themselves behind the eight ball when it comes to responding in a timely manner.
IT professionals can save themselves a great deal of hassle down the road by working with counsel to standardize a communication methodology that addresses potential discovery-related activity.
A useful preparation strategy would define a communication channel with counsel whereby IT personnel can be brought in to the discovery process as early as possible. This would allow IT to start tracking down where this information is and determining how to obtain it.
Additionally, it is useful to reassess overall record retention policies within the firm (in tandem with counsel) with an eye to efficiently responding to discovery. Specifically, the FRCP recognize that some firms delete data after a period of time as a normal course of business.
In these cases, companies that have a defined policy for the destruction of records are not obligated to produce records that are outside the window of when data is retained.
It is imperative that counsel oversee the development of these policies, as time frames should be short enough to minimize the burden associated with searching for artifacts, but long enough to be "reasonable" (i.e. not created specifically to destroy evidence).
, consulting and solutions to clients worldwide, as well as a founding partner of
Security Curve. His extensive background in computer security includes experience in forensics, application penetration testing, information security audit, and secure solutions development.
Print Version
E-Mail Article
Reprints
More by Ed Moyle
Next Article in Enterprise IT
|
Is Wal-Mart's Support for Suse Linux a Tipping Point? January 23, 2007 
Microsoft and Novell have garnered a big customer win following their odd couple deal to collaborate: Wal-Mart, the world's largest retailer, has decided to ditch Red Hat in favor of Novell's Suse Linux, with Microsoft providing assistance in managing interoperability with Windows in the company's mixed-platform IT environment.
|
Related Stories
|
E-Discovery Amendments: Save Your Old Voice Mail November 14, 2006 
"Under the federal rules amendments, judges will be increasingly vigilant about production of all forms of electronically stored information, and companies should be proactive in processes for preserving and producing voice mail and other audio files," said Kenneth N. Rashbaum, compliance attorney and partner at Sedgwick, Detert, Moran & Arnold.
|
More by Ed Moyle
|
Why It Pays to Second-Guess Your Technology Assumptions October 20, 2009 
One of the many pitfalls of information security is the illusion of permanence that surrounds many longstanding tools, policies and ways of doing business. Too often, the fact that "it's always been done that way" clouds our judgment and blinds us to a system's holes. To avoid that mistake, it's time to learn how to second-guess yourself.
|
The 'Visual Yield' of Information Security September 15, 2009 
In terms of home improvement, the term "visual yield" relates to how much visual impact a change brings about, regardless of how much work it took. When it comes to security and technology, everything we do has a "visual yield," just like remodeling a house does -- it's just that we're not usually as aware of it.
|
Maybe the Policy Is the Problem August 18, 2009
Some security policies fail because they run counter to the ways human beings are socialized to act with each other. The classic example is the "no tailgating" policy many companies set for their buildings' entrances. Our natural inclination is to hold the door for others, but the policy mandates that we have to shut it in others' faces. Policies that factor in human nature are the ones that stick.
|
Get Business and Technology News Alerts
Most Popular | Spotlight Features | Exclusives
This Week on ECT News Network | Podcasts
Online Retail Transaction Performance Indices
Inside E-Commerce Times
|
Reader Services
|
Corporate
|
Headline Feeds
Talkback: 
