Posted on: September 25, 2014in Blog
8 Best Practices for Handling Electronic Evidence
Why does electronic evidence multiply? Why does it move or get renamed or even deleted? It does not do it on its own… so who is responsible and why?
The storing and management of electronic evidence has been an important topic for litigation support, legal and IT teams for many years. The most common issues for each group surround how best to manage and control the information for ongoing use by the appropriate people without letting it get out of control. Some commonly raised questions are:
- Where is the data housed on the servers?
- Where “should” it be housed?
- How many copies of the data get made by the various interested parties?
- How long does the data reside on the servers?
- How is the data archived, if at all?
- What security is, or should be, applied to the data?
- Why has it been moved, renamed or even deleted?
The best way to address these questions is to develop and implement a set of best practices for the handling of electronic evidence:
- Inventory the evidence and store for control and review purposes.
- Record the location of all evidence stored.
- Record who has access.
- Create a location on the appropriate server(s) that will be the “forever home” for the data.
- Create a project folder and sub-folder structure that is replicated for all evidentiary storage projects.
- Identify location(s) that will be accessible for all internal litigation support applications such as processing, review tool access, etc.
- Legal teams should not have unrestricted access to the source data repositories. They should also refrain from creating copies of the source data on server locations, other than known locations established by IT and/or litigation support staff.
- Clean up and moving of source data, while done with the best of intentions, has been the cause of many a headache when applications fail to recognize the new location of source data. Further complications arise when no one knows where data went so that application remediation and archive or destruction requests are not able to be performed adequately.
- Apply the requisite security to the data storage location.
- Review any conflicts and/or ethical walls that need to be applied and apply them.
- Data that is not appropriately secured or secured only based on application access can cause problems when well-meaning staff who should not have access will locate source data and either move, delete or rename it for their use.
4. Duplication, Sub-Sets, Working Sets
- Do not create multiple copies of the same data set for use.
- IT directors and CIOs generally find themselves having to purchase additional storage because of the replication of evidence across their server farms.
- Working copies or working data sets should be deleted upon completion.
- If working sets are required to be saved they should remain under the main project folder heading for management and control.
- Duplication required for processing output and review tool loading should be managed by the litigation support staff and controlled carefully if the application tool does not integrate with the processing application.
5. Review Tool Access
- It is essential that evidence sets used to populate internal review tools do not get moved.
- All data sets used to populate review applications should be secured for limited access by litigation support and/or IT staff only.
- Production data should be saved within the litigation support folder structure.
- Legal team access to production data should be managed pursuant to internal procedures.
- Initial backup of the complete evidence folders is an essential part of the IT process.
- Other backups should only capture changes made as part of the review process, if new data has been added, etc.
- Frequent analysis of data repositories should be performed.
- Internal parameters should be set to identify old and non-active projects that can be archived or deleted if clients agree.
While the above list may seem obvious the practical application of these are few and far between. Data can and should be managed and secured.
D4 Weekly eDiscovery Outlook
Power your eDiscovery intellect with our weekly newsletter.
Posted November 16, 2017
5 Workflow Tips for Conducting a Foreign Language Review
Posted November 10, 2017
What You Need to Know About Managed Review and the eDiscovery Process
Posted November 02, 2017
7 Steps to Help You Defensibly Migrate eDiscovery Data
Posted October 27, 2017
CLE Webinar with Lewis Brisbois: How to Do Social Media Collection and Presentation Right
Posted October 26, 2017
Despite Clawback, Defendant’s Reckless Abandon of Rule 502 Bites Back
Posted October 20, 2017
How to Use the eDiscovery PST Export Tool in Office 365 E3
Posted October 12, 2017
Recent eDiscovery Cases for Mobile Phones and Social Media
Posted October 05, 2017
Raising Objections to the Format of ESI Productions: Do it Early and Do it Clearly
Posted September 27, 2017
5 Reasons eDiscovery Alternative Fee Models Make Sense for You
Posted September 22, 2017
Why it's Crucial to Have a Corporate Mobile Device Policy