This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."
When it comes to e-discovery, temporarily hang up your security hat.
Every now and again, the talker is called out--sometimes through a mistake or by someone with deeper technical expertise. While everyone makes mistakes, when it comes to handling e-discovery requests, errors or lack of knowledge can be damaging, costly, and simply unforgiving.
E-discovery is the ultimate collision of the legal and technology worlds. A retooling of thought toward a legal mindset is necessary to properly handle e-discovery requests. "Winging" a response or approach to a request isn't sufficient. Not only do you need to know what you're doing, but you have to be willing to acknowledge and learn what you don't know. This means putting on your data protection hat and a pair of legal glasses and thinking like a litigator.
The first step in thinking like a lawyer is figuring out what questions to ask or steps to take before arriving at a final answer--i.e., production of data. Even if an e-discovery request trickles down through layers of corporate hierarchy and it's unlikely you'll ever set foot in court, think about and document the methodology followed for data preservation, collection and processing, anticipating weaknesses the opponent will try to find.
The absence of scrupulous documentation of data collection, such as a record of how data was preserved and collected, may serve as fodder for additional claims, defenses or theories. If you're asked to pull responsive data and the case lands in court two years later, you're probably not going to remember exactly how you fulfilled that request or the steps taken to get it ready to produce. Extensive documentation of methodology and process is critical, so you can confidently explain your process and repeat it later.
The recent Qualcomm discovery nightmare is a reminder to consider location, location, location--i.e., where a company harbors responsive material. An organization must make a good-faith effort to harvest documents from all potential repositories and give supported assurances of a complete search. Keep in mind that consequences flow from a lack of diligence, such as recklessly ignoring relevant documents, as the sanctions on Qualcomm and its lawyers for withholding "tens of thousands of emails" in a patent infringement case against Broadcom aptly illustrate.
This was first published in March 2008