Dealing with In-House Counsel Concerns Regarding the Management and Discovery of Electronic Data
The tremendous growth in organizational data and the proliferation of legal action have many in-house attorneys nervous. What is keeping them up at night? Here are some of the main concerns that have been expressed and ways to address those concerns.
When a mistake is first discovered, an immediate response is always in your best interest. Assess the mistake quickly, fix the problem quickly and communicate the issue and the fix to the other side. You should also have that same conversation with other members of your discovery team, including IT staff, in-house counsel, outside counsel and vendors.
What will the cost of discovery be and can you rely on the initial cost estimate? Is the amount in controversy worth the amount invested to defend the claim?
The prime driver of cost is the volume of data that will need to be processed and reviewed. Although processing and hosting costs can be a big expense, the greatest expense occurs because of the time taken to review the documents. The RAND Institute for Civil Justice published a study in 2012 that estimated the cost of legal review for privilege and responsiveness accounted for 73 percent of e-discovery costs. In addition to taking advantage of analytics and computer-assisted review to efficiently cull and review large amounts of data, consider the option of teaming with service provider that offers managed review services at a fraction of the price of using outside counsel or your organization’s legal staff.
The ease and immediacy of search tools such as Google and Bing combined with the ability to download free software make it difficult to monitor and stop employees from doing so. There is a proliferation of the bring-your-own-device mentality with the ability to download and store company documents. The number and types of social media continue to expand.
Another frightening example is the option to record meetings when you are conducting audio conference calls, in which some systems ask the moderator about creating a recorded version of the call, generating a potentially discoverable document. (Obviously the answer to that prompt should in most cases be no, and that should be communicated to anyone using your conferencing system.)
Many legal departments tire of being known as the department of “no.” One way to deal with a request concerning the use of new technology is to change the answer from no to “not that way.” Another solution is to figure out a way to say yes, but implement a process to limit the organization’s exposure. In most cases, data created and stored by employees can be defensibly deleted, unless that data has either a business purpose or a regulatory purpose. Policies should be developed, implemented and regularly communicated to all employees concerning new technologies and file types. And those communications must be verified! The entire policy-making process should be documented in case you need to prove the reasonableness of the deletion policy.
You may have done all the policy-making, implementation, communication and verification, only to find out that a creative employee has developed a “quicker” way to get to documents, which are not then being deleted. If they exist, they are discoverable.
Make sure that you have a data retention policy which is regularly communicated, and the communication is verified. The policy should include where data can be stored and accessed, as well as what sort of documents can and should be deleted. A good policy will at least alleviate the concern that the ability to save vast amounts of data has led to the concept that “because we can save everything, we must save everything.”
Sleep well, Mr. or Ms. Inside Counsel. Perfection is not the standard. But your policies and processes need to be well thought out and reasonable. As technologies are developed and changed, consider the effects on your organization’s data management policies, discuss the issues with your team and document the discussions. It may be reasonable to do nothing as long as you have documented the reasons why.